From eb23fec675b7825f498c6e6f65b17ec5842a37d4 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 18 Jun 2026 04:50:04 +0000 Subject: [PATCH 1/3] feat(blog): create post for v22.23.0 (#8959) Co-authored-by: Create or Update Pull Request Action --- apps/site/pages/en/blog/release/v22.23.0.md | 131 ++++++++++++++++++++ 1 file changed, 131 insertions(+) create mode 100644 apps/site/pages/en/blog/release/v22.23.0.md diff --git a/apps/site/pages/en/blog/release/v22.23.0.md b/apps/site/pages/en/blog/release/v22.23.0.md new file mode 100644 index 0000000000000..bc0634740f63f --- /dev/null +++ b/apps/site/pages/en/blog/release/v22.23.0.md 
@@ -0,0 +1,131 @@ +--- +date: '2026-06-18T04:38:19.322Z' +category: release +title: Node.js 22.23.0 (LTS) +layout: blog-post +author: Antoine du Hamel +--- + +## 2026-06-18, Version 22.23.0 'Jod' (LTS), @aduh95 + +This is a security release. + +### Notable Changes + +- (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High +- (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High +- (CVE-2026-48937) deps: fix integration issues with the latest nghttp2 – Medium +- (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium +- (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium +- (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium +- (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium +- (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium +- (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low +- (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low +- (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low + +### Commits + +- \[[`38b4c5ed51`](https://github.com/nodejs/node/commit/38b4c5ed51)] - **(CVE-2026-48933)** **crypto**: guard WebCrypto cipher output length (Filip Skokan) [nodejs-private/node-private#878](https://github.com/nodejs-private/node-private/pull/878) +- \[[`ad8a10c1bb`](https://github.com/nodejs/node/commit/ad8a10c1bb)] - **deps**: update llhttp to 9.4.2 (Antoine du Hamel) [nodejs-private/node-private#890](https://github.com/nodejs-private/node-private/pull/890) +- \[[`ca825a87cc`](https://github.com/nodejs/node/commit/ca825a87cc)] - **deps**: update undici to 6.27.0 (aduh95) [#63711](https://github.com/nodejs/node/pull/63711) +- 
\[[`a1a5bb9683`](https://github.com/nodejs/node/commit/a1a5bb9683)] - **(CVE-2026-48937)** **deps**: fix integration issues with the latest nghttp2 (Tim Perry) [#62891](https://github.com/nodejs/node/pull/62891) +- \[[`0f48583512`](https://github.com/nodejs/node/commit/0f48583512)] - **(SEMVER-MAJOR)** **deps**: update nghttp2 to 1.69.0 (Node.js GitHub Bot) [#62891](https://github.com/nodejs/node/pull/62891) +- \[[`38c869fc05`](https://github.com/nodejs/node/commit/38c869fc05)] - **deps**: update nghttp2 to 1.68.0 (nodejs-github-bot) [#61136](https://github.com/nodejs/node/pull/61136) +- \[[`290667c84f`](https://github.com/nodejs/node/commit/290667c84f)] - **deps**: update nghttp2 to 1.67.1 (nodejs-github-bot) [#59790](https://github.com/nodejs/node/pull/59790) +- \[[`c9f3da76aa`](https://github.com/nodejs/node/commit/c9f3da76aa)] - **deps**: update nghttp2 to 1.66.0 (Node.js GitHub Bot) [#58786](https://github.com/nodejs/node/pull/58786) +- \[[`60890be563`](https://github.com/nodejs/node/commit/60890be563)] - **deps**: update nghttp2 to 1.65.0 (Node.js GitHub Bot) [#57269](https://github.com/nodejs/node/pull/57269) +- \[[`5024c7d5d8`](https://github.com/nodejs/node/commit/5024c7d5d8)] - **deps**: update archs files for openssl-3.5.7 (Node.js GitHub Bot) [#63820](https://github.com/nodejs/node/pull/63820) +- \[[`7f4eb5af2e`](https://github.com/nodejs/node/commit/7f4eb5af2e)] - **deps**: upgrade openssl sources to openssl-3.5.7 (Node.js GitHub Bot) [#63820](https://github.com/nodejs/node/pull/63820) +- \[[`ebb4ec78a8`](https://github.com/nodejs/node/commit/ebb4ec78a8)] - **deps**: fix aix implicit declaration in OpenSSL (Abdirahim Musse) [#62656](https://github.com/nodejs/node/pull/62656) +- \[[`5763d40826`](https://github.com/nodejs/node/commit/5763d40826)] - **deps**: update llhttp to 9.4.1 (Node.js GitHub Bot) [#63045](https://github.com/nodejs/node/pull/63045) +- \[[`c551a51d0c`](https://github.com/nodejs/node/commit/c551a51d0c)] - **(CVE-2026-48930)** 
**dns,net**: reject hostnames with embedded NUL bytes (Matteo Collina) [nodejs-private/node-private#868](https://github.com/nodejs-private/node-private/pull/868) +- \[[`0a22d40180`](https://github.com/nodejs/node/commit/0a22d40180)] - **(CVE-2026-48931)** **http**: fix response queue poisoning in http.Agent (Matteo Collina) [nodejs-private/node-private#846](https://github.com/nodejs-private/node-private/pull/846) +- \[[`c79968e108`](https://github.com/nodejs/node/commit/c79968e108)] - **(CVE-2026-48619)** **http2**: cap originSet size to prevent unbounded memory growth (Matteo Collina) [nodejs-private/node-private#855](https://github.com/nodejs-private/node-private/pull/855) +- \[[`0c37bff2ff`](https://github.com/nodejs/node/commit/0c37bff2ff)] - **http2**: fix DEP0194 message (KaKa) [#58669](https://github.com/nodejs/node/pull/58669) +- \[[`ea5dc6b529`](https://github.com/nodejs/node/commit/ea5dc6b529)] - **(SEMVER-MAJOR)** **http2**: remove support for priority signaling (Matteo Collina) [#58293](https://github.com/nodejs/node/pull/58293) +- \[[`9b6af26132`](https://github.com/nodejs/node/commit/9b6af26132)] - **(CVE-2026-48615)** **lib,test**: redact proxy credentials in tunnel errors (Matteo Collina) [nodejs-private/node-private#867](https://github.com/nodejs-private/node-private/pull/867) +- \[[`28dcd38864`](https://github.com/nodejs/node/commit/28dcd38864)] - **(CVE-2026-48935)** **permission**: disable FileHandle utimes with permission model (RafaelGSS) [nodejs-private/node-private#873](https://github.com/nodejs-private/node-private/pull/873) +- \[[`2f62693801`](https://github.com/nodejs/node/commit/2f62693801)] - **(CVE-2026-48617)** **permission**: handle process.chdir on writereport (RafaelGSS) [nodejs-private/node-private#870](https://github.com/nodejs-private/node-private/pull/870) +- \[[`1662a3ea09`](https://github.com/nodejs/node/commit/1662a3ea09)] - **test**: add session reuse host verification regressions (Matteo Collina) 
[nodejs-private/node-private#854](https://github.com/nodejs-private/node-private/pull/854) +- \[[`718d5d0e2c`](https://github.com/nodejs/node/commit/718d5d0e2c)] - **test**: skip `test-fs-utimes-y2K38` on armv7 (Richard Lau) [#63836](https://github.com/nodejs/node/pull/63836) +- \[[`041185b61f`](https://github.com/nodejs/node/commit/041185b61f)] - **test**: skip test-cluster-dgram-reuse on AIX 7.3 (Stewart X Addison) [#62238](https://github.com/nodejs/node/pull/62238) +- \[[`fd890ba01d`](https://github.com/nodejs/node/commit/fd890ba01d)] - **(CVE-2026-48934)** **tls**: bind reusable sessions to authenticated host (Matteo Collina) [nodejs-private/node-private#854](https://github.com/nodejs-private/node-private/pull/854) +- \[[`39d1d09684`](https://github.com/nodejs/node/commit/39d1d09684)] - **(CVE-2026-48928)** **tls**: fix case-sensitive SNI context matching (Matteo Collina) [nodejs-private/node-private#857](https://github.com/nodejs-private/node-private/pull/857) +- \[[`2197a47144`](https://github.com/nodejs/node/commit/2197a47144)] - **(CVE-2026-48618)** **tls**: normalize hostname for server identity checks (Matteo Collina) [nodejs-private/node-private#869](https://github.com/nodejs-private/node-private/pull/869) + +Windows 32-bit Installer: https://nodejs.org/dist/v22.23.0/node-v22.23.0-x86.msi \ +Windows 64-bit Installer: https://nodejs.org/dist/v22.23.0/node-v22.23.0-x64.msi \ +Windows ARM 64-bit Installer: https://nodejs.org/dist/v22.23.0/node-v22.23.0-arm64.msi \ +Windows 32-bit Binary: https://nodejs.org/dist/v22.23.0/win-x86/node.exe \ +Windows 64-bit Binary: https://nodejs.org/dist/v22.23.0/win-x64/node.exe \ +Windows ARM 64-bit Binary: https://nodejs.org/dist/v22.23.0/win-arm64/node.exe \ +macOS 64-bit Installer: https://nodejs.org/dist/v22.23.0/node-v22.23.0.pkg \ +macOS Apple Silicon 64-bit Binary: https://nodejs.org/dist/v22.23.0/node-v22.23.0-darwin-arm64.tar.gz \ +macOS Intel 64-bit Binary: 
https://nodejs.org/dist/v22.23.0/node-v22.23.0-darwin-x64.tar.gz \ +Linux 64-bit Binary: https://nodejs.org/dist/v22.23.0/node-v22.23.0-linux-x64.tar.xz \ +Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v22.23.0/node-v22.23.0-linux-ppc64le.tar.xz \ +Linux s390x 64-bit Binary: https://nodejs.org/dist/v22.23.0/node-v22.23.0-linux-s390x.tar.xz \ +AIX 64-bit Binary: https://nodejs.org/dist/v22.23.0/node-v22.23.0-aix-ppc64.tar.gz \ +ARMv7 32-bit Binary: https://nodejs.org/dist/v22.23.0/node-v22.23.0-linux-armv7l.tar.xz \ +ARMv8 64-bit Binary: https://nodejs.org/dist/v22.23.0/node-v22.23.0-linux-arm64.tar.xz \ +Source Code: https://nodejs.org/dist/v22.23.0/node-v22.23.0.tar.gz \ +Other release files: https://nodejs.org/dist/v22.23.0/ \ +Documentation: https://nodejs.org/docs/v22.23.0/api/ + +### SHASUMS + +``` +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +5c595ef33e1b1dcd48128690ab599cf246b51abed470928706edaf56f1d04248 node-v22.23.0-aix-ppc64.tar.gz +d963392c08a9d0f7f1458410a43c8c0e7dd78712f01b5ffa561f00a3044a47ff node-v22.23.0-arm64.msi +e0f383a215dd3093de6d2c74f87056dc2306a2e09ad494cbffdba28f89046f56 node-v22.23.0-darwin-arm64.tar.gz +69a741a8938e3efbd7098ca1681a179f771bc9bbf733a799e9ed81949a602f73 node-v22.23.0-darwin-arm64.tar.xz +dc2ccab261fd70c347e4cc52085d8d226f471ccba1fc2a7252283949b31ca9f9 node-v22.23.0-darwin-x64.tar.gz +c339a9bc031a98bac0dba90f57370ac5ae68e4549045c8f51e740f375a0b8799 node-v22.23.0-darwin-x64.tar.xz +ac07673009b92d70f3d842df28204e92785234bae6b4d5785f63fbca8408fc69 node-v22.23.0-headers.tar.gz +b0a0a71751aa17ac9190a47c34d1439a2118493dcc323c5eae27fb691b8446d9 node-v22.23.0-headers.tar.xz +0c96aa074abd109e0b5da8d10202a9bbcea9bcf9ddb587b20944f71b8f21f8c8 node-v22.23.0-linux-arm64.tar.gz +4018815ac1bed4f18208901bbde524fee881253b591ee7bc952660e69bd057af node-v22.23.0-linux-arm64.tar.xz +2a6ac877b2381711c55178052a6f481171e0964c2f8d33d0cfe36d8e35f1c2c0 node-v22.23.0-linux-armv7l.tar.gz 
+6f983135f5bbf1bf017686c93bbabcb616473578f75ef43c773c1556b404a50a node-v22.23.0-linux-armv7l.tar.xz +740fa84ba1d3e7f5d3155f9f7b71e2189d2fbba119df0c0c59533dc7e415efe1 node-v22.23.0-linux-ppc64le.tar.gz +864760dde36a03bf0da8f74b511c41a31adae4f50284a20066518775269539aa node-v22.23.0-linux-ppc64le.tar.xz +274c8946cd95bd3b7b586c1bfb35de315836f9e8863e29dd264decc73e652b8a node-v22.23.0-linux-s390x.tar.gz +8c5ba195dff6c11a292ffbe199931c7b52d3f233d25fa908718b99d0e0f9d09d node-v22.23.0-linux-s390x.tar.xz +535eeb608ca1e0b71d49a0e36991d449d5f935fbb04eca61677519b010cd673a node-v22.23.0-linux-x64.tar.gz +14d7de44f235534799f8b171a4050d9a6a4bc99c87e053a25d3d54afa580aa20 node-v22.23.0-linux-x64.tar.xz +e42354513cbee40eba62db30cd8132bbc2a1896c4f6f85483bd67e318c115cc0 node-v22.23.0-win-arm64.7z +8d540a7a1eeb3ff6681f516c47d786964b874acdaa4fd83338d6898bbb4f68a4 node-v22.23.0-win-arm64.zip +b9114632eff5fd061da5ec72656b13e50ca9736af5551f0737f10b26cba2a12b node-v22.23.0-win-x64.7z +425a5bd68cc95e8eb16bcccd0a75081b48983fc6a26f67126bd4d6c7198231e8 node-v22.23.0-win-x64.zip +21ef41b8a7e9904643f813db751d75599ef0c5774845b534ad70c46aa8d0c14c node-v22.23.0-win-x86.7z +28948dbed0828d20cf64aca0a451fa38967214ccb87d02e7048db6398545b0c0 node-v22.23.0-win-x86.zip +aea5493d05c20996a817c45312d9bc8c6b062bfb6737afc2bab542c42fbb8835 node-v22.23.0-x64.msi +87154158fa4ad843e0e03a08c2f7d17b414bbd4a74b1986d7b011403edffd511 node-v22.23.0-x86.msi +62e5eb26a68aadf2458e3a3eaf84fae9ecc4870aeaabcefc636b69997552842e node-v22.23.0.pkg +61fd42cd1c3ff04a849f5ad5d08c58b111831944b5b94bc90fc623eab41418a2 node-v22.23.0.tar.gz +3acfae100c7b855a4c76520ee0f95cadcace3f4254f16b7d4887f178fc95d4a0 node-v22.23.0.tar.xz +abe829ba4e4fbabdcf3117ac013ecbb61469c2ccebebb87f84b41c7cdd8dfaf9 win-arm64/node.exe +e56e62f4a7ae6643a40db01f09072e8a93ccbe73be8abff927b793344691d6b7 win-arm64/node.lib +35a4655f6475f6387e13938439f925cb8ab33cf74721f88b1d77f5c855285c95 win-arm64/node_pdb.7z 
+d81c12c2a42291a4f8317313f8e8d19ba9cd9a9fd722d0aba3e13e64d1fcdedc win-arm64/node_pdb.zip +17347995af08dadcc73a1a154f0942559fbc3f37b9ba57d4576b4d2bcb2834a2 win-x64/node.exe +ac15f1e9d7c8279353723a77f6319967f1a41c06026521094a8234c2e6fbe052 win-x64/node.lib +901e9eef6f41c2b2a4a17670edc7854f7434bbb3120815bb8c146e244c2527e4 win-x64/node_pdb.7z +8b4d97c4454f37dc2a4dbe5821f428fc45ef066fb076ce6f395cc45c76aab692 win-x64/node_pdb.zip +8b4369dd36679fcaf7146d6627d1ca1c1ea04bf933f91f9c61630d158df82bc0 win-x86/node.exe +66949ba371a159f5e3626f6ce960f85ab6bcdd237eafcdfbc11d1377a2767652 win-x86/node.lib +a52afc61556fee95d22f0a401a761714d585f5596b7cf92d175a3f238b08bdba win-x86/node_pdb.7z +8df46485e8d327e66eea65538845bdf31350ed76d921c6512ec6fa044a814a7e win-x86/node_pdb.zip + +-----BEGIN PGP SIGNATURE----- + +iHUEARYIAB0WIQRb6KP2yKXAHRBsCtggsaOQsWjTVgUCajN0uQAKCRAgsaOQsWjT +VrCOAQCGN/ZUCGhmojChsyAmHwY6dkE0C6v+pkT+R2Z0gi6M4AD9HGnS7wyeo2qY ++2RqcJ1iGGuYD7/DPIY1emFpLja9hws= +=nIm4 +-----END PGP SIGNATURE----- +``` From 2bd5c8d2a7c69d362be872f6097ce12b92800587 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 18 Jun 2026 04:52:52 +0000 Subject: [PATCH 2/3] feat(blog): create post for v24.17.0 (#8960) Co-authored-by: Create or Update Pull Request Action --- apps/site/pages/en/blog/release/v24.17.0.md | 110 ++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 apps/site/pages/en/blog/release/v24.17.0.md diff --git a/apps/site/pages/en/blog/release/v24.17.0.md b/apps/site/pages/en/blog/release/v24.17.0.md new file mode 100644 index 0000000000000..96eedd08f6ebf --- /dev/null +++ b/apps/site/pages/en/blog/release/v24.17.0.md 
@@ -0,0 +1,110 @@ +--- +date: '2026-06-18T04:38:38.484Z' +category: release +title: Node.js 24.17.0 (LTS) +layout: blog-post +author: Antoine du Hamel +--- + +## 2026-06-18, Version 24.17.0 'Krypton' (LTS), @aduh95 + +This is a security release. + +### Notable Changes + +- (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High +- (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High +- (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium +- (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium +- (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium +- (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium +- (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium +- (CVE-2026-48937) deps: fix integration issues with the latest nghttp2 – Medium +- (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low +- (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low +- (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low + +### Commits + +- \[[`9e4dfc7bba`](https://github.com/nodejs/node/commit/9e4dfc7bba)] - **(CVE-2026-48933)** **crypto**: guard WebCrypto cipher output length (Filip Skokan) [nodejs-private/node-private#878](https://github.com/nodejs-private/node-private/pull/878) +- \[[`cb2aed980c`](https://github.com/nodejs/node/commit/cb2aed980c)] - **deps**: update llhttp to 9.4.2 (Antoine du Hamel) [nodejs-private/node-private#890](https://github.com/nodejs-private/node-private/pull/890) +- \[[`a8a0d12875`](https://github.com/nodejs/node/commit/a8a0d12875)] - **(CVE-2026-48937)** **deps**: fix integration issues with the latest nghttp2 (Tim Perry) [#62891](https://github.com/nodejs/node/pull/62891) +- 
\[[`66e6203c1c`](https://github.com/nodejs/node/commit/66e6203c1c)] - **(SEMVER-MAJOR)** **deps**: update nghttp2 to 1.69.0 (Node.js GitHub Bot) [#62891](https://github.com/nodejs/node/pull/62891) +- \[[`dd627ced27`](https://github.com/nodejs/node/commit/dd627ced27)] - **deps**: update archs files for openssl-3.5.7 (Node.js GitHub Bot) [#63820](https://github.com/nodejs/node/pull/63820) +- \[[`684bae568f`](https://github.com/nodejs/node/commit/684bae568f)] - **deps**: upgrade openssl sources to openssl-3.5.7 (Node.js GitHub Bot) [#63820](https://github.com/nodejs/node/pull/63820) +- \[[`3a631e7f83`](https://github.com/nodejs/node/commit/3a631e7f83)] - **deps**: fix aix implicit declaration in OpenSSL (Abdirahim Musse) [#62656](https://github.com/nodejs/node/pull/62656) +- \[[`cf44df3996`](https://github.com/nodejs/node/commit/cf44df3996)] - **deps**: update undici to 7.28.0 (Node.js GitHub Bot) [#63703](https://github.com/nodejs/node/pull/63703) +- \[[`138c70294b`](https://github.com/nodejs/node/commit/138c70294b)] - **(CVE-2026-48930)** **dns,net**: reject hostnames with embedded NUL bytes (Matteo Collina) [nodejs-private/node-private#868](https://github.com/nodejs-private/node-private/pull/868) +- \[[`be7e719c3f`](https://github.com/nodejs/node/commit/be7e719c3f)] - **(CVE-2026-48931)** **http**: fix response queue poisoning in http.Agent (Matteo Collina) [nodejs-private/node-private#846](https://github.com/nodejs-private/node-private/pull/846) +- \[[`cc7c11b4d1`](https://github.com/nodejs/node/commit/cc7c11b4d1)] - **(CVE-2026-48619)** **http2**: cap originSet size to prevent unbounded memory growth (Matteo Collina) [nodejs-private/node-private#855](https://github.com/nodejs-private/node-private/pull/855) +- \[[`9224427b92`](https://github.com/nodejs/node/commit/9224427b92)] - **(CVE-2026-48615)** **lib,test**: redact proxy credentials in tunnel errors (Matteo Collina) [nodejs-private/node-private#867](https://github.com/nodejs-private/node-private/pull/867) +- 
\[[`cf85d54839`](https://github.com/nodejs/node/commit/cf85d54839)] - **(CVE-2026-48935)** **permission**: disable FileHandle utimes with permission model (RafaelGSS) [nodejs-private/node-private#873](https://github.com/nodejs-private/node-private/pull/873) +- \[[`a1bbc24f96`](https://github.com/nodejs/node/commit/a1bbc24f96)] - **(CVE-2026-48617)** **permission**: handle process.chdir on writereport (RafaelGSS) [nodejs-private/node-private#870](https://github.com/nodejs-private/node-private/pull/870) +- \[[`e3723ff2d6`](https://github.com/nodejs/node/commit/e3723ff2d6)] - **test**: add session reuse host verification regressions (Matteo Collina) [nodejs-private/node-private#854](https://github.com/nodejs-private/node-private/pull/854) +- \[[`a77af4867b`](https://github.com/nodejs/node/commit/a77af4867b)] - **(CVE-2026-48934)** **tls**: bind reusable sessions to authenticated host (Matteo Collina) [nodejs-private/node-private#854](https://github.com/nodejs-private/node-private/pull/854) +- \[[`31beb4f707`](https://github.com/nodejs/node/commit/31beb4f707)] - **(CVE-2026-48928)** **tls**: fix case-sensitive SNI context matching (Matteo Collina) [nodejs-private/node-private#857](https://github.com/nodejs-private/node-private/pull/857) +- \[[`8e75c73f91`](https://github.com/nodejs/node/commit/8e75c73f91)] - **(CVE-2026-48618)** **tls**: normalize hostname for server identity checks (Matteo Collina) [nodejs-private/node-private#869](https://github.com/nodejs-private/node-private/pull/869) + +Windows 64-bit Installer: https://nodejs.org/dist/v24.17.0/node-v24.17.0-x64.msi \ +Windows ARM 64-bit Installer: https://nodejs.org/dist/v24.17.0/node-v24.17.0-arm64.msi \ +Windows 64-bit Binary: https://nodejs.org/dist/v24.17.0/win-x64/node.exe \ +Windows ARM 64-bit Binary: https://nodejs.org/dist/v24.17.0/win-arm64/node.exe \ +macOS 64-bit Installer: https://nodejs.org/dist/v24.17.0/node-v24.17.0.pkg \ +macOS Apple Silicon 64-bit Binary: 
https://nodejs.org/dist/v24.17.0/node-v24.17.0-darwin-arm64.tar.gz \ +macOS Intel 64-bit Binary: https://nodejs.org/dist/v24.17.0/node-v24.17.0-darwin-x64.tar.gz \ +Linux 64-bit Binary: https://nodejs.org/dist/v24.17.0/node-v24.17.0-linux-x64.tar.xz \ +Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v24.17.0/node-v24.17.0-linux-ppc64le.tar.xz \ +Linux s390x 64-bit Binary: https://nodejs.org/dist/v24.17.0/node-v24.17.0-linux-s390x.tar.xz \ +AIX 64-bit Binary: https://nodejs.org/dist/v24.17.0/node-v24.17.0-aix-ppc64.tar.gz \ +ARMv8 64-bit Binary: https://nodejs.org/dist/v24.17.0/node-v24.17.0-linux-arm64.tar.xz \ +Source Code: https://nodejs.org/dist/v24.17.0/node-v24.17.0.tar.gz \ +Other release files: https://nodejs.org/dist/v24.17.0/ \ +Documentation: https://nodejs.org/docs/v24.17.0/api/ + +### SHASUMS + +``` +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +31e9fc249c74a3a6dfeca4758229f003620459b42c3749f7c423f2999d09a727 node-v24.17.0-aix-ppc64.tar.gz +adee7826d2840efd66cec5e79c9b4e151f4815ac0e24f92cf334bc28d7f1f83c node-v24.17.0-arm64.msi +4fc3266a3702eebc39cc37661cf4eeceeade307e242ab64e4d7ce7949197e11f node-v24.17.0-darwin-arm64.tar.gz +cf7e9152d7bd86c140f6eccf3577abfbaf8960be1ca49d9d900e8484984dcb9a node-v24.17.0-darwin-arm64.tar.xz +80da552fe037290cb130e9dea590f5eeeb7aa450636f0c89ab41415511c1ec27 node-v24.17.0-darwin-x64.tar.gz +fe50e386f6a5e0b29ce44b989e543da9fb9a80aed0b91a2f0cb19c55106921fc node-v24.17.0-darwin-x64.tar.xz +ac60c4ba92204658efaac112efea5d3597348b011be679af0eec324d8c08915e node-v24.17.0-headers.tar.gz +aab64d32cd1690e4027326e746877bdac62f0a8458215241638477cbfe0a4192 node-v24.17.0-headers.tar.xz +faa0d59ba7fe7045c950ed09b190578fb8eee73e4358686d38fcc99ca58c1480 node-v24.17.0-linux-arm64.tar.gz +67324b9e515e7d13da72571a5dd522bb23145a820f7dde15497897e466759ab3 node-v24.17.0-linux-arm64.tar.xz +804ed4a1a0ef28d592408b84ac2a85e858ab9124dad933e12b4323609411b809 node-v24.17.0-linux-ppc64le.tar.gz 
+7657dfb803132a05cfc83353f43f603cba790e1d2366caeb36083aa8f351124b node-v24.17.0-linux-ppc64le.tar.xz +a659e9c26fcd648f3359dbfd292f078434168040f2fb1acf3c9c1bcd3fc37b2b node-v24.17.0-linux-s390x.tar.gz +a8e6f79fac2e17e5a9a9d479bad3b6f19921049bbb5888fa238347427502f23c node-v24.17.0-linux-s390x.tar.xz +e0472427aa791ad80bdc426ff7cc73cdd28ed0f616d1ff9689a23a7f47f1265f node-v24.17.0-linux-x64.tar.gz +ab343a1b747c7cbf3630dfd7dbf818c5423fab2eb4f5ad1afc896f6bd121a917 node-v24.17.0-linux-x64.tar.xz +0ef6a68334882bb74f5afd2d370cf2cdabc3ef823c8fdd649d9d779478c09607 node-v24.17.0-win-arm64.7z +4957712f67fce55779cc794d9b4df9e0e802a18c841ad5a4e42f17be490e634d node-v24.17.0-win-arm64.zip +91382ab13fea6cfdd475fc0f5b74727c979f609a94905ae338f8b9f1cce32457 node-v24.17.0-win-x64.7z +f2aa33b35b75aca5f3f7b85675a6f6423201053e9381911e64961f3bda2528ab node-v24.17.0-win-x64.zip +ae5d9e9f6c85b8d35717f499ba907259ec80672c289858bae19074355906a240 node-v24.17.0-x64.msi +6d795ec7986972ac377bcf017eb2a4f970962f36e1584bfebe79326a194f365f node-v24.17.0.pkg +66a10e05fa7875ff1d7d669de405ea6ce8725f2352bd07550f520dea2f880825 node-v24.17.0.tar.gz +a7ab562ed2369a29c68b72fa00e3103bcdfe37063dff799c6acc8e404e275fcd node-v24.17.0.tar.xz +44999f9ec6486d01202d8961f343eac8c9f2847b234a8637c3fd0f1e2bb3288a win-arm64/node.exe +d32c3ff35f34b9593e5fcddc23ca779f4b40abfb9aa5a031d620f1ecb44ca935 win-arm64/node.lib +60c69df69e22db238ab670efb7ad57ab6da92adcea33c6eea152daf3c2182ad6 win-arm64/node_pdb.7z +93262aebc5c28f3f2218cad37a7635b9fb95ea89cb068c124b7eac9446682029 win-arm64/node_pdb.zip +c6335d08331c23d68b9f2b18adb102002d76ef150b47248e954c507e0d033664 win-x64/node.exe +4ab42af597bc4f0957e9e2dcd5db18bdf223406a0c8e0b6be0f28e57977b808b win-x64/node.lib +0e2a2937823b7fbca4d4ed344ed13d6c8a519d06460f77966fce59e1d146826b win-x64/node_pdb.7z +bd231782ef5e062395d6d2a259c3aaee994db694df9bdcd4beeb9d6bac9e69ec win-x64/node_pdb.zip + +-----BEGIN PGP SIGNATURE----- + +iHUEARYIAB0WIQRb6KP2yKXAHRBsCtggsaOQsWjTVgUCajN1TwAKCRAgsaOQsWjT 
+VsDcAQClE4tL8dBeOyi941MK78i7o4iOFfoYYdyIayxQww7nTgD/Zmdx1h1gjwo/ +J5fumRrmsNRDj6JYjUfEzKSSJjFX7Q8= +=nnSg +-----END PGP SIGNATURE----- +``` From 221839bc689e8e5f31bdb2edf3f5bc907421a2c8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 18 Jun 2026 05:03:14 +0000 Subject: [PATCH 3/3] feat(blog): create post for v26.3.1 (#8961) Co-authored-by: Create or Update Pull Request Action Co-authored-by: Antoine du Hamel --- apps/site/pages/en/blog/release/v26.3.1.md | 109 +++++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 apps/site/pages/en/blog/release/v26.3.1.md diff --git a/apps/site/pages/en/blog/release/v26.3.1.md b/apps/site/pages/en/blog/release/v26.3.1.md new file mode 100644 index 0000000000000..7ac7ed74230b1 --- /dev/null +++ b/apps/site/pages/en/blog/release/v26.3.1.md 
@@ -0,0 +1,109 @@ +--- +date: '2026-06-18T04:38:39.606Z' +category: release +title: Node.js 26.3.1 (Current) +layout: blog-post +author: Antoine du Hamel +--- + +## 2026-06-18, Version 26.3.1 (Current), @aduh95 + +This is a security release. + +### Notable Changes + +- (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High +- (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High +- (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium +- (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium +- (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium +- (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium +- (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium +- (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low +- (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low +- (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low +- (CVE-2026-48936) permission: guard pipe open and chmod with net scope (RafaelGSS) – Low + +### Commits + +- \[[`98fbc89211`](https://github.com/nodejs/node/commit/98fbc89211)] - **(CVE-2026-48933)** **crypto**: guard WebCrypto cipher output length (Filip Skokan) [nodejs-private/node-private#878](https://github.com/nodejs-private/node-private/pull/878) +- \[[`110840f2c7`](https://github.com/nodejs/node/commit/110840f2c7)] - **deps**: update llhttp to 9.4.2 (Antoine du Hamel) [nodejs-private/node-private#890](https://github.com/nodejs-private/node-private/pull/890) +- \[[`8d36d522b2`](https://github.com/nodejs/node/commit/8d36d522b2)] - **deps**: update undici to 8.5.0 (Node.js GitHub Bot) [#63903](https://github.com/nodejs/node/pull/63903) +- 
\[[`2e6d03993a`](https://github.com/nodejs/node/commit/2e6d03993a)] - **deps**: update undici to 8.4.0 (Node.js GitHub Bot) [#63779](https://github.com/nodejs/node/pull/63779) +- \[[`5a17d5b07a`](https://github.com/nodejs/node/commit/5a17d5b07a)] - **deps**: update archs files for openssl-3.5.7 (Node.js GitHub Bot) [#63820](https://github.com/nodejs/node/pull/63820) +- \[[`362725d4e5`](https://github.com/nodejs/node/commit/362725d4e5)] - **deps**: upgrade openssl sources to openssl-3.5.7 (Node.js GitHub Bot) [#63820](https://github.com/nodejs/node/pull/63820) +- \[[`bd1214ab01`](https://github.com/nodejs/node/commit/bd1214ab01)] - **(CVE-2026-48930)** **dns,net**: reject hostnames with embedded NUL bytes (Matteo Collina) [nodejs-private/node-private#868](https://github.com/nodejs-private/node-private/pull/868) +- \[[`bc0b53813e`](https://github.com/nodejs/node/commit/bc0b53813e)] - **(CVE-2026-48931)** **http**: fix response queue poisoning in http.Agent (Matteo Collina) [nodejs-private/node-private#846](https://github.com/nodejs-private/node-private/pull/846) +- \[[`87d847bc70`](https://github.com/nodejs/node/commit/87d847bc70)] - **(CVE-2026-48619)** **http2**: cap originSet size to prevent unbounded memory growth (Matteo Collina) [nodejs-private/node-private#855](https://github.com/nodejs-private/node-private/pull/855) +- \[[`9308084fcb`](https://github.com/nodejs/node/commit/9308084fcb)] - **(CVE-2026-48615)** **lib,test**: redact proxy credentials in tunnel errors (Matteo Collina) [nodejs-private/node-private#867](https://github.com/nodejs-private/node-private/pull/867) +- \[[`a67dd46891`](https://github.com/nodejs/node/commit/a67dd46891)] - **(CVE-2026-48936)** **permission**: guard pipe open and chmod with net scope (RafaelGSS) [nodejs-private/node-private#885](https://github.com/nodejs-private/node-private/pull/885) +- \[[`7057c3f16c`](https://github.com/nodejs/node/commit/7057c3f16c)] - **(CVE-2026-48935)** **permission**: disable FileHandle utimes with 
permission model (RafaelGSS) [nodejs-private/node-private#873](https://github.com/nodejs-private/node-private/pull/873) +- \[[`6bc17a6b51`](https://github.com/nodejs/node/commit/6bc17a6b51)] - **(CVE-2026-48617)** **permission**: handle process.chdir on writereport (RafaelGSS) [nodejs-private/node-private#870](https://github.com/nodejs-private/node-private/pull/870) +- \[[`c8668beff8`](https://github.com/nodejs/node/commit/c8668beff8)] - **test**: add session reuse host verification regressions (Matteo Collina) [nodejs-private/node-private#854](https://github.com/nodejs-private/node-private/pull/854) +- \[[`d1be630415`](https://github.com/nodejs/node/commit/d1be630415)] - **(CVE-2026-48934)** **tls**: bind reusable sessions to authenticated host (Matteo Collina) [nodejs-private/node-private#854](https://github.com/nodejs-private/node-private/pull/854) +- \[[`a14c158bb3`](https://github.com/nodejs/node/commit/a14c158bb3)] - **(CVE-2026-48928)** **tls**: fix case-sensitive SNI context matching (Matteo Collina) [nodejs-private/node-private#857](https://github.com/nodejs-private/node-private/pull/857) +- \[[`ebda73470d`](https://github.com/nodejs/node/commit/ebda73470d)] - **(CVE-2026-48618)** **tls**: normalize hostname for server identity checks (Matteo Collina) [nodejs-private/node-private#869](https://github.com/nodejs-private/node-private/pull/869) + +Windows 64-bit Installer: https://nodejs.org/dist/v26.3.1/node-v26.3.1-x64.msi \ +Windows ARM 64-bit Installer: https://nodejs.org/dist/v26.3.1/node-v26.3.1-arm64.msi \ +Windows 64-bit Binary: https://nodejs.org/dist/v26.3.1/win-x64/node.exe \ +Windows ARM 64-bit Binary: https://nodejs.org/dist/v26.3.1/win-arm64/node.exe \ +macOS 64-bit Installer: https://nodejs.org/dist/v26.3.1/node-v26.3.1.pkg \ +macOS Apple Silicon 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-darwin-arm64.tar.gz \ +macOS Intel 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-darwin-x64.tar.gz \ +Linux 64-bit Binary: 
https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-x64.tar.xz \ +Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-ppc64le.tar.xz \ +Linux s390x 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-s390x.tar.xz \ +AIX 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-aix-ppc64.tar.gz \ +ARMv8 64-bit Binary: https://nodejs.org/dist/v26.3.1/node-v26.3.1-linux-arm64.tar.xz \ +Source Code: https://nodejs.org/dist/v26.3.1/node-v26.3.1.tar.gz \ +Other release files: https://nodejs.org/dist/v26.3.1/ \ +Documentation: https://nodejs.org/docs/v26.3.1/api/ + +### SHASUMS + +``` +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +8c0ef7465b17c31d6bfaea84d5b8d62944b543dcd2df42933aa0bff4771ebc5c node-v26.3.1-aix-ppc64.tar.gz +bd0c50afcc7140b64b12e24f73f0681d68f84205575893561e6344dc09b71fc7 node-v26.3.1-arm64.msi +3f624ab0d774553c0d28b968e141d8c676a35a2811fb0b7b356ba9cbdce15f74 node-v26.3.1-darwin-arm64.tar.gz +49aca22a8c2992c16688baa512a7b00c41a4608e9675fcaa81534767bf1116ce node-v26.3.1-darwin-arm64.tar.xz +3ec9e5a28c641c088f3d04ad38721bfdedb2f8aa8c031979fa93df08b5a92e58 node-v26.3.1-darwin-x64.tar.gz +dac58e340c721332d331a44c9ee2e126b26632c42d3028eb2ceb5c3f218798fa node-v26.3.1-darwin-x64.tar.xz +a0fbaa7136174fa7533f6178c2331ffbaad5f25e9fd2e610fc3961b57fd5acae node-v26.3.1-headers.tar.gz +e84075cd1296f089ad17bc87d34cea964bad7f1018378656af16d494adf91d1a node-v26.3.1-headers.tar.xz +2f0829b201e9db20996ae15bce62138df1e3d317775b005778b05cf7b19714f1 node-v26.3.1-linux-arm64.tar.gz +c021380e64d1314d1218ab1f31e0f5b0f28f1f54ac779ef72a16c2bda0ca5c30 node-v26.3.1-linux-arm64.tar.xz +276d72c00b4cfedf3bc45bde6d1bd0a18e8c846ed150a5381c528112fa0ccabd node-v26.3.1-linux-ppc64le.tar.gz +ec83deb41569e3896e8c4af4986c76dc0bf4e0eb909643b364d38e8a9f9f9091 node-v26.3.1-linux-ppc64le.tar.xz +740d35affe20683d244e494e0cc9710a91c1c6039ffdd0ed9f7d110c998bd23c node-v26.3.1-linux-s390x.tar.gz 
+e8aece0730dc3dc808d66f8a8b8a6f87354ac941dfaa3a59a27022b2435abbcd node-v26.3.1-linux-s390x.tar.xz +e892cd615e637edebcf22f9653d80fba63167ad6754d20881fd52cc37be81441 node-v26.3.1-linux-x64.tar.gz +55647180e4ae58ffeaa3294e89aa4abda7c371dfbd64b44cbdb022980177aae0 node-v26.3.1-linux-x64.tar.xz +40e8d2ad0a4f543c5e283ca0074ce8ea327062d448bf84f3cdfda27e736fbde8 node-v26.3.1-win-arm64.7z +021eb7de1d5257b24765f292dfcb469ff1528c29d88f48c875befb28114fb0fb node-v26.3.1-win-arm64.zip +35c2ce21f7b0ea776b139cecc052641653abc31fb438cb17d096af7a9277d706 node-v26.3.1-win-x64.7z +45001b289ebffe7b22260898f3750059183d8246042b88e8ffa4337e65e6763e node-v26.3.1-win-x64.zip +c07b05c3b9e22e1a408e630285f15201b86eaa32f5d9ca8cf35132c9caac0cf0 node-v26.3.1-x64.msi +942790eea681d9fa92b7c67343a2fd862b860546ad62f3a8a12f8ca72b784baf node-v26.3.1.pkg +d38ec1c76d2651d2c597cffa46c8379b29e42baa5b82b7997981e8301b4b3387 node-v26.3.1.tar.gz +979b9b8308a8d2d4a27c662ed50448c85f970c0fd4f5ce8b98e8da78c441f2bc node-v26.3.1.tar.xz +b8ad851e5ac8cbb784633ec905bd86a282697cc73eb1836c503f02968c7d2c41 win-arm64/node.exe +bd474f1ca8c44b2ab10e908c14447c5d91e1bac3f3a4d3141c78b6dbb5d1a253 win-arm64/node.lib +4ae86b1181dea3cf5a39c17600eec672df3b4d728643be91e3f6b3f8b9da6138 win-arm64/node_pdb.7z +8a256841ab4992714d817f8f15722f1db25520555823b4a9a6a6c75f86d44f17 win-arm64/node_pdb.zip +2e5b4362a7ea3478cb408a07189c19c16e487f188ac96db2e9e0f45ad8e21837 win-x64/node.exe +2f71186cc7649a7406b1616566700e397e9dd52bd7267440d78d78a1725bd312 win-x64/node.lib +e56e13c1a622751a9024b3d6e2c8806e992cd7f502bc3b22f47d7a471cdaee20 win-x64/node_pdb.7z +9dd4250f30eaf002777b719af182917c16ebb174b72a15575b5e81a93c1c989b win-x64/node_pdb.zip + +-----BEGIN PGP SIGNATURE----- + +iHUEARYIAB0WIQRb6KP2yKXAHRBsCtggsaOQsWjTVgUCajN11AAKCRAgsaOQsWjT +VgK3AQCiaZF1iVzuLrCodtoLumgZJqaNBJFuc+DheHSVx91waQEAoowJe+hn+Kx1 +QRMAE1Eeb+Y8eH6UYaDP6ACMbGUiGwM= +=UJVW +-----END PGP SIGNATURE----- +```
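Review bot: In apps/site/pages/en/blog/release/v22.23.0.md, the Commits list carries two entries tagged (SEMVER-MAJOR), `deps: update nghttp2 to 1.69.0` and `http2: remove support for priority signaling`, but Notable Changes does not mention either. Someone upgrading an LTS line for the CVE fixes has no signal that HTTP/2 priority signaling support goes away in the same release. Suggest a Notable Changes entry next to the `(CVE-2026-48937)` bullet that says why these commits land in 22.x and what changes for applications that still pass priority options.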
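Review bot: In apps/site/pages/en/blog/release/v24.17.0.md, the Notable Changes bullet `(CVE-2026-48937) deps: fix integration issues with the latest nghttp2 – Medium` is the only one without an author, although the matching commit entry credits Tim Perry; the same bullet in v22.23.0.md has the same gap. Suggest adding the name so the list is consistent and the fix is attributable. The `(SEMVER-MAJOR)` tag on `deps: update nghttp2 to 1.69.0` in this file's Commits list is also not explained anywhere in the post; a one-line note under Notable Changes would cover it.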
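Review bot: In apps/site/pages/en/blog/release/v26.3.1.md, the Notable Changes list omits CVE-2026-48937, which the 22.x and 24.x posts in this series rate Medium, and adds CVE-2026-48936, which appears only here; the post does not say whether 26.x is unaffected by the former or whether the older lines are unaffected by the latter. Suggest one sentence per case stating which release lines are affected, so operators running more than one line can tell a missing entry from a missing fix. Separately, `deps: update llhttp to 9.4.2` references a nodejs-private/node-private pull request like the CVE fixes do, in all three files, but has no CVE or Notable Changes entry; please confirm whether it is security-relevant and list it if so.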