A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt() is a multiple of 2GiB.
This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26.
{
"cpes": [
"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"
],
"severity": "High"
}