Incomplete fix for CVE-2026-21637: loadSNI() in _tls_wrap.js lacks try/catch leading to Remote DoS

Disclosed: 2026-04-23 22:21:16 By mbarbs To nodejs

High

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 3556769
State: Closed
Substate: resolved
Upvotes: 1

Share this report