- Fixed HTTP/2 memory leak on premature connection close and addressed ERR_PROTO issues (CVE‑2025‑23085).
- Patched path traversal vulnerability in normalize() on Windows (CVE‑2025‑23084).
- Updated undici to v5.28.5, mitigating insufficient randomness in fetch() (CVE‑2025‑22150).
Community impact
Community ratings: 0 Useful, 0 Noise, 0 Risky, 0 Broke, 0 Try.