The host is installed with Node.js 18.x before 18.19.1, 20.x before 20.11.1, or 21.x before 21.6.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to handle setuid(). Successful exploitation allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid().