Node.js 24.18.0 has been released as the latest Long Term Support (LTS) version, featuring performance improvements for the HTTP agent and Buffer allocation system, including a new default Buffer pool size of 64 KiB. The update enhances the Web Cryptography API by adding TurboSHAKE and KangarooTwelve support while addressing security vulnerabilities in CryptoKey handling. Additionally, the release includes updates to bundled npm and SQLite for improved runtime stability. Overall, these changes focus on cryptographic standards and HTTP stream management, making it a crucial upgrade for production environments using Node.js 24
Node.js 24.18.0 LTS Released: Crypto Hardening, 64 KiB Buffers, and WebCrypto Upgrades
Node.js 24.18.0 has shipped as the latest LTS release, bringing targeted performance adjustments to the HTTP agent and Buffer allocation system. The update adds TurboSHAKE and KangarooTwelve support to the Web Cryptography API while patching CryptoKey handling against prototype pollution and malformed inputs. You'll also see the default Buffer pool size jump to 64 KiB, which should cut down on allocation churn for memory-heavy workloads. Alongside these core improvements, the release bumps the bundled npm dependency to 11.16.0 and patches SQLite to 3.53.1 for broader runtime stability.
