惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
Docker
Simon Willison's Weblog
Simon Willison's Weblog
H
Help Net Security
F
Fortinet All Blogs
H
Heimdal Security Blog
S
Schneier on Security
L
LangChain Blog
博客园 - Franky
酷 壳 – CoolShell
酷 壳 – CoolShell
NISL@THU
NISL@THU
P
Palo Alto Networks Blog
J
Java Code Geeks
博客园 - 【当耐特】
The Last Watchdog
The Last Watchdog
W
WeLiveSecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
V
Vulnerabilities – Threatpost
I
InfoQ
Recorded Future
Recorded Future
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
C
CERT Recently Published Vulnerability Notes
T
Tenable Blog
腾讯CDC
C
Check Point Blog
量子位
M
MIT News - Artificial intelligence
GbyAI
GbyAI
罗磊的独立博客
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
B
Blog
小众软件
小众软件
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
C
CXSECURITY Database RSS Feed - CXSecurity.com
Stack Overflow Blog
Stack Overflow Blog
P
Proofpoint News Feed
P
Privacy & Cybersecurity Law Blog
V2EX - 技术
V2EX - 技术
T
Threatpost
Engineering at Meta
Engineering at Meta
Attack and Defense Labs
Attack and Defense Labs
T
Tailwind CSS Blog
S
Securelist
The Cloudflare Blog
博客园 - 叶小钗
L
LINUX DO - 最新话题
T
Troy Hunt's Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
爱范儿
爱范儿

Node.js Blog

Node.js — Security Bug Bounty Program Paused Due to Loss of Funding Node.js — Node.js 25.9.0 (Current) Node.js — Developing a minimally HashDoS resistant, yet quickly reversible integer hash for V8 Node.js — Node.js 25.8.2 (Current) Node.js — Node.js 24.14.1 (LTS) Node.js — Node.js 22.22.2 (LTS) Node.js — Node.js 20.20.2 (LTS) Node.js — Tuesday, March 24, 2026 Security Releases Node.js — Node.js 25.8.1 (Current) Node.js — Evolving the Node.js Release Schedule Node.js — Node.js 22.22.1 (LTS) Node.js — Node.js 20.20.1 (LTS) Node.js — Node.js 25.8.0 (Current) Node.js — Node.js 25.7.0 (Current) Node.js — Node.js 24.14.0 (LTS) Node.js — New HackerOne Signal Requirement for Vulnerability Reports Node.js — Node.js 25.6.1 (Current) Node.js — Node.js 24.13.1 (LTS) Node.js — Node.js 25.6.0 (Current) Node.js — OpenSSL Security Advisory Assessment, January 2026 Node.js — Node.js 25.5.0 (Current) Node.js — Chalk to Node.js util styleText Node.js — Node.js 25.4.0 (Current) Node.js — Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users Node.js — Node.js 22.22.0 (LTS) Node.js — Node.js 25.3.0 (Current) Node.js — Node.js 24.13.0 (LTS) Node.js — Node.js 20.20.0 (LTS) Node.js — Tuesday, January 13, 2026 Security Releases Node.js — Node.js 24.12.0 (LTS) Node.js — Node.js 20.19.6 (LTS) Node.js — Node.js 25.2.1 (Current) Node.js — Node.js 24.11.1 (LTS) Node.js — Node.js 25.2.0 (Current) Node.js — Node.js 25.1.0 (Current) Node.js — Node.js 22.21.1 (LTS) Node.js — Node.js 24.11.0 (LTS) Node.js — Node.js v22 to v24 Node.js — Node.js v20 to v22 Node.js — Node.js v14 to v16 Node.js — Node.js v12 to v14 Node.js — Node.js 22.21.0 (LTS) Node.js — Node.js 25.0.0 (Current) Node.js — Node.js 24.10.0 (Current) Node.js — Node.js 24.9.0 (Current) Node.js — Node.js 22.20.0 (LTS) Node.js — Node.js 24.8.0 (Current) Node.js — Node.js 20.19.5 (LTS) Node.js — Node.js 22.19.0 (LTS) Node.js — Node.js 24.7.0 (Current) Node.js — Node.js 24.6.0 (Current) Node.js — Node.js 22.18.0 (LTS) Node.js — Node.js 24.5.0 (Current) Node.js — Node.js 20.19.4 (LTS) Node.js — Node.js 22.17.1 (LTS) Node.js — Node.js 24.4.1 (Current) Node.js — Tuesday, July 15, 2025 Security Releases Node.js — Node.js 24.4.0 (Current) Node.js — Node.js LGBTQIA+ Stories: Emelia Smith Node.js — Open sourced identity Node.js — Node.js 22.17.0 (LTS) Node.js — Node.js 24.3.0 (Current) Node.js — Node.js 20.19.3 (LTS) Node.js — In Memory of Mikeal Rogers: A Builder of Communities Node.js — Node.js 24.2.0 (Current) Node.js — Beware of End-of-Life Node.js Versions - Upgrade or Seek Post-EOL Support Node.js — Trip report: Node.js collaboration summit (2025 Paris) Node.js — Node.js 22.16.0 (LTS) Node.js — Node.js 24.1.0 (Current) Node.js — Node.js 24.0.2 (Current) Node.js — Node.js 23.11.1 (Current) Node.js — Node.js 22.15.1 (LTS) Node.js — Node.js 20.19.2 (LTS) Node.js — Wednesday, May 14, 2025 Security Releases Node.js — Node.js 24.0.1 (Current) Node.js — Node.js 24.0.0 (Current) Node.js — Node.js Test CI Security Incident Node.js — Node.js 22.15.0 (LTS) Node.js — Node.js 20.19.1 (LTS) Node.js — Making Node.js Downloads Reliable Node.js — Node.js 23.11.0 (Current) Node.js — Node.js 23.10.0 (Current) Node.js — Node.js 20.19.0 (LTS) Node.js — Updates on CVE for End-of-Life Versions Node.js — Node.js 23.9.0 (Current) Node.js — Node.js 18.20.7 (LTS) Node.js — Node.js 20.18.3 (LTS) Node.js — Node.js 9.3.0 (Current) Node.js — Data Confidentiality/Integrity Vulnerability, December 2017 Node.js — Node.js 9.2.1 (Current) Node.js — Node.js 8.9.3 (LTS) Node.js — Node.js 4.8.7 (Maintenance) Node.js — Node.js 8.9.2 (LTS) Node.js — Node.js 6.12.1 (LTS) Node.js — Node.js 9.2.0 (Current) Node.js — Node.js 8.9.1 (LTS) Node.js — Node.js 9.1.0 (Current) Node.js — Node.js 0.10.35 (Stable) Node.js — Node.js 0.10.34 (Stable) Node.js — Node.js 0.10.29 (Stable)
Node.js — Node.js 26.3.1 (Current)
2026-06-18 · via Node.js Blog

Antoine du Hamel

2026-06-18, Version 26.3.1 (Current), @aduh95

This is a security release.

Notable Changes

  • (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High
  • (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
  • (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
  • (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
  • (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
  • (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
  • (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
  • (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low
  • (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
  • (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
  • (CVE-2026-48936) permission: guard pipe open and chmod with net scope (RafaelGSS) – Low

Commits

Windows 64-bit Installer: https://nodejs.org/dist/v26.3.1/node-v26.3.1-x64.msi
Windows ARM 64-bit Installer: https://nodejs.org/dist/v26.3.1/node-v26.3.1-arm64.msi
Windows 64-bit Binary: https://nodejs.org/dist/v26.3.1/win-x64/node.exe
Windows ARM 64-bit Binary: https://nodejs.org/dist/v26.3.1/win-arm64/node.exe
macOS 64-bit Installer: https://nodejs.org/dist/v26.3.1/node-v26.3.1.pkg
macOS Apple Silicon 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-darwin-arm64.tar.gz
macOS Intel 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-darwin-x64.tar.gz
Linux 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-x64.tar.xz
Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-ppc64le.tar.xz
Linux s390x 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-s390x.tar.xz
AIX 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-aix-ppc64.tar.gz
ARMv8 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-arm64.tar.xz
Source Code: https://nodejs.org/dist/v26.3.1/node-v26.3.1.tar.gz
Other release files: https://nodejs.org/dist/v26.3.1/
Documentation: https://nodejs.org/docs/v26.3.1/api/

SHASUMS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

8c0ef7465b17c31d6bfaea84d5b8d62944b543dcd2df42933aa0bff4771ebc5c  node-v26.3.1-aix-ppc64.tar.gz
bd0c50afcc7140b64b12e24f73f0681d68f84205575893561e6344dc09b71fc7  node-v26.3.1-arm64.msi
3f624ab0d774553c0d28b968e141d8c676a35a2811fb0b7b356ba9cbdce15f74  node-v26.3.1-darwin-arm64.tar.gz
49aca22a8c2992c16688baa512a7b00c41a4608e9675fcaa81534767bf1116ce  node-v26.3.1-darwin-arm64.tar.xz
3ec9e5a28c641c088f3d04ad38721bfdedb2f8aa8c031979fa93df08b5a92e58  node-v26.3.1-darwin-x64.tar.gz
dac58e340c721332d331a44c9ee2e126b26632c42d3028eb2ceb5c3f218798fa  node-v26.3.1-darwin-x64.tar.xz
a0fbaa7136174fa7533f6178c2331ffbaad5f25e9fd2e610fc3961b57fd5acae  node-v26.3.1-headers.tar.gz
e84075cd1296f089ad17bc87d34cea964bad7f1018378656af16d494adf91d1a  node-v26.3.1-headers.tar.xz
2f0829b201e9db20996ae15bce62138df1e3d317775b005778b05cf7b19714f1  node-v26.3.1-linux-arm64.tar.gz
c021380e64d1314d1218ab1f31e0f5b0f28f1f54ac779ef72a16c2bda0ca5c30  node-v26.3.1-linux-arm64.tar.xz
276d72c00b4cfedf3bc45bde6d1bd0a18e8c846ed150a5381c528112fa0ccabd  node-v26.3.1-linux-ppc64le.tar.gz
ec83deb41569e3896e8c4af4986c76dc0bf4e0eb909643b364d38e8a9f9f9091  node-v26.3.1-linux-ppc64le.tar.xz
740d35affe20683d244e494e0cc9710a91c1c6039ffdd0ed9f7d110c998bd23c  node-v26.3.1-linux-s390x.tar.gz
e8aece0730dc3dc808d66f8a8b8a6f87354ac941dfaa3a59a27022b2435abbcd  node-v26.3.1-linux-s390x.tar.xz
e892cd615e637edebcf22f9653d80fba63167ad6754d20881fd52cc37be81441  node-v26.3.1-linux-x64.tar.gz
55647180e4ae58ffeaa3294e89aa4abda7c371dfbd64b44cbdb022980177aae0  node-v26.3.1-linux-x64.tar.xz
40e8d2ad0a4f543c5e283ca0074ce8ea327062d448bf84f3cdfda27e736fbde8  node-v26.3.1-win-arm64.7z
021eb7de1d5257b24765f292dfcb469ff1528c29d88f48c875befb28114fb0fb  node-v26.3.1-win-arm64.zip
35c2ce21f7b0ea776b139cecc052641653abc31fb438cb17d096af7a9277d706  node-v26.3.1-win-x64.7z
45001b289ebffe7b22260898f3750059183d8246042b88e8ffa4337e65e6763e  node-v26.3.1-win-x64.zip
c07b05c3b9e22e1a408e630285f15201b86eaa32f5d9ca8cf35132c9caac0cf0  node-v26.3.1-x64.msi
942790eea681d9fa92b7c67343a2fd862b860546ad62f3a8a12f8ca72b784baf  node-v26.3.1.pkg
d38ec1c76d2651d2c597cffa46c8379b29e42baa5b82b7997981e8301b4b3387  node-v26.3.1.tar.gz
979b9b8308a8d2d4a27c662ed50448c85f970c0fd4f5ce8b98e8da78c441f2bc  node-v26.3.1.tar.xz
b8ad851e5ac8cbb784633ec905bd86a282697cc73eb1836c503f02968c7d2c41  win-arm64/node.exe
bd474f1ca8c44b2ab10e908c14447c5d91e1bac3f3a4d3141c78b6dbb5d1a253  win-arm64/node.lib
4ae86b1181dea3cf5a39c17600eec672df3b4d728643be91e3f6b3f8b9da6138  win-arm64/node_pdb.7z
8a256841ab4992714d817f8f15722f1db25520555823b4a9a6a6c75f86d44f17  win-arm64/node_pdb.zip
2e5b4362a7ea3478cb408a07189c19c16e487f188ac96db2e9e0f45ad8e21837  win-x64/node.exe
2f71186cc7649a7406b1616566700e397e9dd52bd7267440d78d78a1725bd312  win-x64/node.lib
e56e13c1a622751a9024b3d6e2c8806e992cd7f502bc3b22f47d7a471cdaee20  win-x64/node_pdb.7z
9dd4250f30eaf002777b719af182917c16ebb174b72a15575b5e81a93c1c989b  win-x64/node_pdb.zip

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQRb6KP2yKXAHRBsCtggsaOQsWjTVgUCajN11AAKCRAgsaOQsWjT
VgK3AQCiaZF1iVzuLrCodtoLumgZJqaNBJFuc+DheHSVx91waQEAoowJe+hn+Kx1
QRMAE1Eeb+Y8eH6UYaDP6ACMbGUiGwM=
=UJVW
-----END PGP SIGNATURE-----