NodeSource

Security Scorecard

Score

75C

Total CVEs

6

Patch Rate

67%

4 patched

Avg Response

-

days to patch

Critical Gaps

1

exploitable, no detection

Severity Breakdown

Critical1

High3

Medium1

Low0

Patch Status

Patched4 (67%)

Partial/Workaround0 (0%)

Unpatched2 (33%)

CVEs (6)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2026-24842	Node-Tar Vulnerability	High	8.2	-	Patched
CVE-2021-47746	NodeBB Emoji Plugin Vulnerability	High	7.5	-	Patched
CVE-2025-55131	Node.js Buffer Overflow Vulnerability	High	7.1	-	Patched
CVE-2025-59464	Node.js OpenSSL Memory Leak Vulnerability	Medium	6.5	-	Patched
CVE-2025-41656	-	Critical	10.0	166d	Unpatched
CVE-2017-3952	-	N/A	-	2837d	Unpatched