Node.js / update detail

2025-01-21, Version 20.18.2 'Iron' (LTS), @RafaelGSS

Official Node.js changelog summary with source attribution, release tags, and community reactions.

Track this Node.js release note alongside related changelog updates, risky changes, and weekly digest signals from the developer community.

Node.js1 year agoJan 21, 2025, 05:03 PMUsefulAI-assisted summary

score 0

~Fix multiple CVEs: internal worker permission check (CVE‑2025‑23083), HTTP/2 memory leak and ERR_PROTO (CVE‑2025‑23085), and Windows path traversal in normalize() (CVE‑2025‑23084)
~Update undici to v6.21.1 addressing CVE‑2025‑22150 (insufficiently random values in fetch)
~Apply related patches to src, loader, permission, and path modules

Security-relevant

official source

Verify the original release note

Every summary should remain traceable to the original changelog or release source.

AI-assisted summarysource failing

related updates

Node.js4 days agoJun 1, 2026, 01:10 PMUsefulAI-assisted summary

score 0

−Increase Buffer.poolSize default to 64 KiB and add new Buffer‑related improvements; introduce httpValidation option for stricter header validation and permission.drop API; upgrade crypto root certificates to NSS 3.123.1, harden WebCrypto...