CyberRota
← Ana sayfaya dön

CVE-2026-48615

HIGH · CVSS 7.5 EPSS %0.39

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-26T02:16:52.273 · Çekilme zamanı: 2026-06-30T18:34:50.863751+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-48615
Severity
HIGH
CVSS
7.5
EPSS
%0.39

Orijinal NVD Açıklaması

A flaw in Node.js proxy tunnel error handling could expose proxy credentials in `ERR_PROXY_TUNNEL` error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and **Node.js 26**.