From af9e3ff50916c11481a8af99c1760356e1fd890f Mon Sep 17 00:00:00 2001 From: MHRoni Date: Wed, 24 Jun 2026 14:03:16 +0600 Subject: [PATCH] Fix typos in June 2026 security release notes Corrected typos in the description of CVE-2026-48618. Signed-off-by: MHRoni --- .../en/blog/vulnerability/june-2026-security-releases.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/site/pages/en/blog/vulnerability/june-2026-security-releases.md b/apps/site/pages/en/blog/vulnerability/june-2026-security-releases.md index 80f50c40ab0f9..5dbec23ecca0d 100644 --- a/apps/site/pages/en/blog/vulnerability/june-2026-security-releases.md +++ b/apps/site/pages/en/blog/vulnerability/june-2026-security-releases.md @@ -29,9 +29,9 @@ This vulnerability affects all supported release lines: **Node.js 22**, **Node.j Thank you, to erichen for reporting this vulnerability and thank you Filip Skokan for fixing it. -## Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat (CVE-2026-48618) - (high) +## Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismatch (CVE-2026-48618) - (high) -A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. +A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismatch. This can lead to confidentiality impact or bypass of the intended security boundary under affected configurations.