All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.
node-bluetooth
{ "last_known_affected_version_range": "<= 1.2.6" }