CVE-2025-23165 | Node.js up to 20.19.1/22.15.0 UTF-16 Path uv_fs_s.file ReadFileUtf8 denial of service

A vulnerability classified as problematic has been found in Node.js up to 20.19.1/22.15.0. Affected is the function ReadFileUtf8 of the file uv_fs_s.file of the component UTF-16 Path Handler. The manipulation leads to denial of service.

This vulnerability is traded as CVE-2025-23165. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More