Tuesday, March 24, 2026 Security Releases

Published: 3 days ago (March 16, 2026 at 11:00 PM EDT)

2 min read

Source: Node.js Blog

Summary

The Node.js project will release new versions of the 25.x, 24.x, 22.x, and 20.x release lines on or shortly after Tuesday, March 24, 2026 to address:

2 high‑severity issues
5 medium‑severity issues
2 low‑severity issues

Impact

The 25.x release line is vulnerable to 2 high‑severity, 5 medium‑severity, and 2 low‑severity issues.
The 24.x release line is vulnerable to 2 high‑severity, 4 medium‑severity, and 2 low‑severity issues.
The 22.x release line is vulnerable to 2 high‑severity, 4 medium‑severity, and 2 low‑severity issues.
The 20.x release line is vulnerable to 2 high‑severity, 4 medium‑severity, and 2 low‑severity issues.

End‑of‑Life versions are always affected when a security release occurs. To ensure your system’s security, please use an up‑to‑date version as outlined in our Release Schedule.

Release timing

Releases will be available on, or shortly after, Tuesday, March 24, 2026.

The current Node.js security policy can be found at .
Please follow the process outlined in the Node.js SECURITY.md if you wish to report a vulnerability.

Subscribe to the low‑volume announcement‑only nodejs-sec mailing list at to stay up to date on security vulnerabilities and security‑related releases of Node.js and the projects maintained in the Node.js GitHub organization.

Tuesday, March 24, 2026 Security Releases

Summary

Impact

Release timing

Related posts

Day 46 of #100DayOfCode — Security (Rate limiting CORS Helmet)

Generating PDFs from HTML in Node.js (and why I stopped using Puppeteer)

Building a Competitor Monitoring Tool in 30 Lines of Node.js

I built an MCP server for Shopify and Stripe write operations — the gap nobody filled