GHSA-rv82-5vqw-69hjLowCVSS 1.8

A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()`...

Published
June 18, 2026
Last Modified
June 18, 2026

🔗 CVE IDs covered (1)

📋 Description

A flaw in Node.js Permission Model enforcement allows Bypass via process.report.writeReport() Path Misvalidation. This can lead to confidentiality impact or bypass of the intended security boundary under affected configurations. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26.

🔗 References (4)