- Security fixes address out-of-bounds write in HyperLogLog commands (CVE-2025-32023, CVE-2025-48367) and improve connection acceptance handling after errors.
- New VSIM feature adds WITHATTRIBS to return the JSON attribute associated with an element.
- Bug fixes prevent a short-read from causing replica exit and resolve defragmentation issues with expired keys.
Node.js changelog digest
Jun 30 - Jul 6, 2025. Useful releases, risky migrations, and noisy updates from the Node.js channel.
No matching updates in this bucket.
Node.js updates in 2025-w27
- Security patches addressing CVE-2025-32023 and CVE-2025-48367 (out-of-bounds write in HyperLogLog commands).
- Improved connection handling: retry accepting new connections even after an accept error.
- Fix out-of-bounds write in HyperLogLog commands (CVE‑2025‑32023).
- Retry accepting new connections even if the accepted connection reports an error (CVE‑2025‑48367).
- Fixed out-of-bounds write vulnerability in HyperLogLog commands (CVE‑2025‑32023, CVE‑2025‑48367).
- Improved server accept loop to retry accepting new connections even when a connection reports an error.
- Fixed PrismaClientInitializationError when using @prisma/client with @prisma/extension accelerate on a prisma+postgres:// connection string during client generation.
- Resolved array aggregation field errors in the query compiler that caused confusing data mapping failures.
- Added preview driver adapters for MySQL/MariaDB, Neon, and CockroachDB, enabling a Rust‑free Prisma ORM version; CLI now supports stopping and removing local Prisma Postgres instances and introduces a more flexible Prisma client generato...
- Fixed several bugs in the embedded Prisma Studio UI and released a @prisma/studio package for embedding Studio in external tools; introduced a Pricing Calculator and expanded Prisma Postgres regions with faster direct‑TCP connections.