Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Rocky Linux 8 Node.js Important Security Advisory RLSA-2026-39868

rocky
Calendar Grey July 16, 2026
Rockylinux Esm H88
Critical security updates for nodejs on Rocky Linux 8 resolve multiple issues including Denial of Service and XSS vulnerabilities. Prompt action recommended.
Important: nodejs:24 security, bug fix, and enhancement update

Summary

An update is available for nodejs, module.nodejs, nodejs-packaging, nodejs-nodemon, module.nodejs-packaging, module.nodejs-nodemon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RPMs

nodejs-1:24.18.0-1.module+el8.10.0+40252+a58646bc.aarch64.rpm

nodejs-1:24.18.0-1.module+el8.10.0+40252+a58646bc.src.rpm

nodejs-1:24.18.0-1.module+el8.10.0+40252+a58646bc.x86_64.rpm

nodejs-debuginfo-1:24.18.0-1.module+el8.10.0+40252+a58646bc.aarch64.rpm

nodejs-debuginfo-1:24.18.0-1.module+el8.10.0+40252+a58646bc.x86_64.rpm

nodejs-debugsource-1:24.18.0-1.module+el8.10.0+40252+a58646bc.aarch64.rpm

nodejs-debugsource-1:24.18.0-1.module+el8.10.0+40252+a58646bc.x86_64.rpm

nodejs-devel-1:24.18.0-1.module+el8.10.0+40252+a58646bc.aarch64.rpm

nodejs-devel-1:24.18.0-1.module+el8.10.0+40252+a58646bc.x86_64.rpm

nodejs-docs-1:24.18.0-1.module+el8.10.0+40252+a58646bc.noarch.rpm

nodejs-full-i18n-1:24.18.0-1.module+el8.10.0+40252+a58646bc.aarch64.rpm

nodejs-full-i18n-1:24.18.0-1.module+el8.10.0+40252+a58646bc.x86_64.rpm

nodejs-libs-1:24.18.0-1.module+el8.10.0+40252+a58646bc.aarch64.rpm

nodejs-libs-1:24.18.0-1.module+el8.10.0+40252+a58646bc.x86_64.rpm

Read the Full Advisory

References

No references

CVES

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-11525

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12151

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42338

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48615

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48618

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48619

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48928

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48930

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48933

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48934

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48935

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6733

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6734

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9678

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9697

Severity
important

Name: RLSA-2026:39868
Affected Products: Rocky Linux 8

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2476810

https://bugzilla.redhat.com/show_bug.cgi?id=2489980

https://bugzilla.redhat.com/show_bug.cgi?id=2490000

https://bugzilla.redhat.com/show_bug.cgi?id=2490006

https://bugzilla.redhat.com/show_bug.cgi?id=2490008

https://bugzilla.redhat.com/show_bug.cgi?id=2490018

https://bugzilla.redhat.com/show_bug.cgi?id=2490024

https://bugzilla.redhat.com/show_bug.cgi?id=2493325

https://bugzilla.redhat.com/show_bug.cgi?id=2493326

https://bugzilla.redhat.com/show_bug.cgi?id=2493329

https://bugzilla.redhat.com/show_bug.cgi?id=2493331

https://bugzilla.redhat.com/show_bug.cgi?id=2493332

https://bugzilla.redhat.com/show_bug.cgi?id=2493333

https://bugzilla.redhat.com/show_bug.cgi?id=2493335

https://bugzilla.redhat.com/show_bug.cgi?id=2493337


Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.