Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Rocky Linux 9 Release RLSA-2026-7351 Uncovers Major Node.js Security Risks

rocky
Calendar Grey April 10, 2026
Rockylinux Esm H88
Rocky Linux nodejs receives important updates addressing critical Denial of Service issues from multiple CVEs. Stay updated!
Important: nodejs:24 security update

Summary

An update is available for nodejs, module.nodejs-packaging, nodejs-packaging, module.nodejs, nodejs-nodemon, module.nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RPMs

nodejs-nodemon-0:3.0.3-3.module+el9.7.0+40025+0e0cf6b2.noarch.rpm

nodejs-nodemon-0:3.0.3-3.module+el9.7.0+40025+0e0cf6b2.src.rpm

nodejs-packaging-0:2021.06-6.module+el9.7.0+40052+e32ea525.noarch.rpm

nodejs-packaging-0:2021.06-6.module+el9.7.0+40052+e32ea525.src.rpm

nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+40052+e32ea525.noarch.rpm

nodejs-1:24.14.1-2.module+el9.7.0+40151+7a588b37.aarch64.rpm

nodejs-1:24.14.1-2.module+el9.7.0+40151+7a588b37.ppc64le.rpm

nodejs-1:24.14.1-2.module+el9.7.0+40151+7a588b37.s390x.rpm

nodejs-1:24.14.1-2.module+el9.7.0+40151+7a588b37.src.rpm

nodejs-1:24.14.1-2.module+el9.7.0+40151+7a588b37.x86_64.rpm

nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+40151+7a588b37.aarch64.rpm

nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+40151+7a588b37.ppc64le.rpm

nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+40151+7a588b37.s390x.rpm

nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+40151+7a588b37.x86_64.rpm

nodejs-debugsource-1:24.14.1-2.module+el9.7.0+40151+7a588b37.aarch64.rpm

Read the Full Advisory

References

No references

CVES

https://www.cve.org/CVERecord?id=CVE-2026-1525

https://www.cve.org/CVERecord?id=CVE-2026-1526

https://www.cve.org/CVERecord?id=CVE-2026-1527

https://www.cve.org/CVERecord?id=CVE-2026-1528

https://www.cve.org/CVERecord?id=CVE-2026-21637

https://www.cve.org/CVERecord?id=CVE-2026-21710

https://www.cve.org/CVERecord?id=CVE-2026-21711

https://www.cve.org/CVERecord?id=CVE-2026-21712

https://www.cve.org/CVERecord?id=CVE-2026-21713

https://www.cve.org/CVERecord?id=CVE-2026-21714

https://www.cve.org/CVERecord?id=CVE-2026-21715

https://www.cve.org/CVERecord?id=CVE-2026-21716

https://www.cve.org/CVERecord?id=CVE-2026-21717

https://www.cve.org/CVERecord?id=CVE-2026-2229

https://www.cve.org/CVERecord?id=CVE-2026-25547

https://www.cve.org/CVERecord?id=CVE-2026-2581

https://www.cve.org/CVERecord?id=CVE-2026-26996

https://www.cve.org/CVERecord?id=CVE-2026-27135

Severity
important

Name: RLSA-2026:7350
Affected Products: Rocky Linux 9

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2431340

https://bugzilla.redhat.com/show_bug.cgi?id=2436942

https://bugzilla.redhat.com/show_bug.cgi?id=2441268

https://bugzilla.redhat.com/show_bug.cgi?id=2447140

https://bugzilla.redhat.com/show_bug.cgi?id=2447141

https://bugzilla.redhat.com/show_bug.cgi?id=2447142

https://bugzilla.redhat.com/show_bug.cgi?id=2447143

https://bugzilla.redhat.com/show_bug.cgi?id=2447144

https://bugzilla.redhat.com/show_bug.cgi?id=2447145

https://bugzilla.redhat.com/show_bug.cgi?id=2448754

https://bugzilla.redhat.com/show_bug.cgi?id=2453037

https://bugzilla.redhat.com/show_bug.cgi?id=2453151

https://bugzilla.redhat.com/show_bug.cgi?id=2453152

https://bugzilla.redhat.com/show_bug.cgi?id=2453157

https://bugzilla.redhat.com/show_bug.cgi?id=2453158

https://bugzilla.redhat.com/show_bug.cgi?id=2453160

https://bugzilla.redhat.com/show_bug.cgi?id=2453161

https://bugzilla.redhat.com/show_bug.cgi?id=2453162


Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here