FIND-20260404-021 · 2026-04-04 · Innovation Veille

Node.js Security Releases — v22.22.2, v24.14.1, v25.8.2 (March 24, 2026)

release MEDIUM
Coordinated Node.js security releases on March 24, 2026 patched 7-9 CVEs across LTS and Current lines. Affected areas: SNI callbacks, HTTP headers, crypto modules, file system modules. ODS tracks LTS 22.22.2 (Jod) — already at latest. LTS 24.14.1 (Krypton) is also available for migration consideration. Node.js v25.9.0 (Current, April 1) adds test runner module mocking improvements.

Source

https://nodejs.org/en/blog/vulnerability/march-2026-security-releases

ODS Impact

ODS Dashboard and notification-hub (if using Resend Node SDK) depend on Node.js LTS. Confirm srv-staging and CI environments are on v22.22.2 or v24.14.1 to pick up the March 24 security patches.

Security Review

License: MIT | Maintenance: ACTIVE | Risk: LOW | Recommendation: SAFE_TO_USE

Tags

nodejs release security lts ods-dashboard
Generated by ODS Innovation Veille · 2026-04-04T19:10:15+00:00