CVE-2024-36137 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the –allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner and permissions of a file.

Published May 31, 2026

Information published.

Privacy | General Terms & Conditions | Speed Test | Image Share | ASN

We use cookies to improve your experience. By continuing to use our site, you accept our use of cookies, revised Privacy Policy and Terms of Use.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.