Advanced Hunting to find Node versions for CVE-2025-66478

DeviceProcessEvents
| where Timestamp > ago(7d)
| where FileName == "node.exe"  // Focus on Node.js binary
| extend VersionParts = split(ProcessVersionInfoProductVersion, '.')
| extend Major = toint(VersionParts[0]),
         Minor = toint(VersionParts[1]),
         Build = toint(VersionParts[2]),
         Revision = toint(VersionParts[3])
| where isnotnull(Major) and Major >= 18 and (Major > 18 or Minor >= 17)  // Only shows versions >=18.17.0 (affected for Next.js 15.x/16.x/14.3.0-canary.77+)
| extend NodeVersion = ProcessVersionInfoProductVersion
| summarize LatestTimestamp = max(Timestamp), SampleCommandLine = any(ProcessCommandLine), NodeVersion = any(NodeVersion) by DeviceName
| project DeviceName, LatestTimestamp, NodeVersion, SampleCommandLine
| order by LatestTimestamp desc
| take 100
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Powered by WordPress | Made with ❤ by Themely