COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:19 PM NPT

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// cve detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:19 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// intelligence feed

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:19 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// cve detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

CVE-2026-48936 | COSMOS

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:19 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

All intelligence

// vulnerability record

cached · NVD via COSMOS sync

CVE-2026-48936

LOW

published 2026-06-26 02:16 UTC · 3 days ago · modified 2026-06-26 19:55 UTC

3.3

CVSS / 10

// description

A flaw in Node.js Permission API can cause a local server to be started (via a Unix domain socket), even without the `--allow-net` permission. This vulnerability affects one supported release line: **Node.js 26**.

// cvss 3.0 vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

// weaknesses (CWE)

CWE-284

// references (1)

https://nodejs.org/en/blog/vulnerability/june-2026-security-releases

NVD detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources

Connect

GitHub
LinkedIn
Email