Synced 17 Jun 2026 22:27 UTC Account
← All products

Node.js

OpenJS Foundation · Web / Runtime
↻ RSS feed
Monitors Node.js and tailors your dashboard to that exact version.
26.3.0 · latest cycle/100 Unknown

Summary iPlain-English security verdict for Node.js, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.

Node.js's security status could not be assessed at the last sync — vulnerability data was unavailable.

Disclosure trend iNew CVEs published for Node.js each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.

'19
'20
'21
'22
'23
'24
'25
'26

Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.

No urgent unpatched issues identified. ✓

Get alerted about Node.js

Be emailed the moment Node.js gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.

We email only on real events for Node.js — no marketing, no sharing, and we never know what you run. Track your whole stack →

Monitor up to 200 products — freeHit ☆ Monitor on anything you run, then sign in (no password) to sync your stack across devices and unlock smart insights, risk history & CSV/JSON exports. Sign in free →

Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.

How long each Node.js release line is supported — and when it sunsets. Select a line for its full report.

Apr30'29 Node.js 26EOL 2029-04-30
Apr30'28 Node.js 24EOL 2028-04-30
Apr30'27 Node.js 22EOL 2027-04-30
Jun1'26 Node.js 25ended 2026-06-01
Apr30'26 Node.js 20ended 2026-04-30
Jun1'25 Node.js 23ended 2025-06-01
Apr30'25 Node.js 18ended 2025-04-30
Jun1'24 Node.js 21ended 2024-06-01
Sept11'23 Node.js 16ended 2023-09-11
Jun1'23 Node.js 19ended 2023-06-01
Apr30'23 Node.js 14ended 2023-04-30
Jun1'22 Node.js 17ended 2022-06-01

Full Node.js end-of-life dates & support timeline →

26 latest 26.3.0 Supported until 2029-04-3026.3.0 → 25 latest 25.9.0 End of life ended 2026-06-0125.9.0 → 24 latest 24.16.0 Supported until 2028-04-3024.16.0 → 23 latest 23.11.1 End of life ended 2025-06-0123.11.1 → 22 latest 22.22.3 Supported until 2027-04-3022.22.3 → 21 latest 21.7.3 End of life ended 2024-06-0121.7.3 → 20 latest 20.20.2 End of life ended 2026-04-3020.20.2 → 19 latest 19.9.0 End of life ended 2023-06-0119.9.0 → 18 latest 18.20.8 End of life ended 2025-04-3018.20.8 → 17 latest 17.9.1 End of life ended 2022-06-0117.9.1 → See all upcoming end-of-life dates →

Frequently asked

Is Node.js safe and patched?

Node.js's security status could not be assessed at the last sync — vulnerability data was unavailable.

What should I do about Node.js now?

Upgrade Node.js to the latest supported release (26.3.0) or later and apply available security updates, then confirm against OpenJS Foundation's official advisory.

When does Node.js reach end-of-life?

The latest supported Node.js release is 26.3.0. After end-of-life a release no longer receives security patches.

Which versions of Node.js are still receiving security updates?

Supported Node.js release lines (latest 26.3.0): 26, 24, 22. End-of-life releases no longer receive security patches.

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against OpenJS Foundation's official advisory before you patch or upgrade — Node.js official site ↗