A vulnerability was found in Node.js up to 22.22.3/24.16.0/26.3.0 . It has been declared as critical . Affected by this issue is some unknown functionality. The manipulation results in improper access controls. This vulnerability is known as CVE-2026-48930 . It is possible to launch the attack remotely. No exploit is available.