diff --git a/.gitignore b/.gitignore
index bd64a19..43f49fd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,5 @@
 SOURCES/cjs-module-lexer-1.2.2.tar.gz
 SOURCES/icu4c-74_2-src.tgz
-SOURCES/node-v18.20.4-stripped.tar.gz
-SOURCES/undici-5.28.4.tar.gz
+SOURCES/node-v18.20.6-stripped.tar.gz
+SOURCES/undici-5.28.5.tar.gz
 SOURCES/wasi-sdk-11.0-linux.tar.gz
diff --git a/.nodejs.metadata b/.nodejs.metadata
index bf14de6..2cbd31a 100644
--- a/.nodejs.metadata
+++ b/.nodejs.metadata
@@ -1,5 +1,5 @@
 164f7f39841415284b0280a648c43bd7ea1615ac SOURCES/cjs-module-lexer-1.2.2.tar.gz
 43a8d688a3a6bc8f0f8c5e699d0ef7a905d24314 SOURCES/icu4c-74_2-src.tgz
-1865285a5bf26669d5fadbc5eb78e97f4adad612 SOURCES/node-v18.20.4-stripped.tar.gz
-d38d72bec82e3c41a4de73d6ee56d9c9eff5f403 SOURCES/undici-5.28.4.tar.gz
+838d4f6468dbc644da2f162027daf8f6f02187f0 SOURCES/node-v18.20.6-stripped.tar.gz
+ccd4e9c2e825305395469f4a1442eee55d23d54d SOURCES/undici-5.28.5.tar.gz
 ff114dd45b4efeeae7afe4621bfc6f886a475b4b SOURCES/wasi-sdk-11.0-linux.tar.gz
diff --git a/SPECS/nodejs.spec b/SPECS/nodejs.spec
index 3eba5ab..0cb9dc7 100644
--- a/SPECS/nodejs.spec
+++ b/SPECS/nodejs.spec
@@ -41,7 +41,7 @@
 %global nodejs_epoch 1
 %global nodejs_major 18
 %global nodejs_minor 20
-%global nodejs_patch 4
+%global nodejs_patch 6
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 108
@@ -65,7 +65,7 @@
 
 # c-ares - from deps/cares/include/ares_version.h
 # https://github.com/nodejs/node/pull/9332
-%global c_ares_version 1.28.1
+%global c_ares_version 1.29.0
 
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_version 6.1.1
@@ -109,12 +109,12 @@
 
 # simduft from deps/simdutf/simdutf.h
 %global simduft_major 5
-%global simduft_minor 2
-%global simduft_patch 4
+%global simduft_minor 6
+%global simduft_patch 0
 %global simduft_version %{simduft_major}.%{simduft_minor}.%{simduft_patch}
 
 # ada from deps/ada/ada.h
-%global ada_version 2.7.8
+%global ada_version 2.8.0
 
 # OpenSSL minimum version
 %global openssl_minimum 1:1.1.1
@@ -126,7 +126,7 @@
 
 # npm - from deps/npm/package.json
 %global npm_epoch 1
-%global npm_version 10.7.0
+%global npm_version 10.8.2
 
 # In order to avoid needing to keep incrementing the release version for the
 # main package forever, we will just construct one for npm that is guaranteed
@@ -181,10 +181,10 @@ Source101: cjs-module-lexer-1.2.2.tar.gz
 Source111: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-11.0-linux.tar.gz
 
 # Version: jq '.version' deps/undici/src/package.json
-# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.28.4.tar.gz
-# Adjustments: rm -f undici-5.28.4/lib/llhttp/llhttp*.wasm
+# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.28.5.tar.gz
+# Adjustments: rm -f undici-5.28.5/lib/llhttp/llhttp*.wasm
 # Build uses alpine image, see alpine for sources for wasi-sdk
-Source102: undici-5.28.4.tar.gz
+Source102: undici-5.28.5.tar.gz
 
 # Disable running gyp on bundled deps we don't use
 Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
@@ -633,6 +633,11 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
 
 
 %changelog
+* Fri Jan 31 2025 Tomáš Juhász <tjuhasz@redhat.com> - 1:18.20.6-1
+- Update to version 18.20.6
+  Resolves: RHEL-76803
+  Fixes: CVE-2025-23085
+
 * Mon Aug 05 2024 Honza Horak <hhorak@redhat.com> - 1:18.20.4-1
 - Update to 18.20.4
   Fixes: CVE-2024-22020 CVE-2024-28863
@@ -642,7 +647,7 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
 
 * Mon Apr 15 2024 Filip Janus <fjanus@redhat.com> - 1:18.20.2-1
 - Rebase to 18.20.2
-- Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629
+- Fix: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629
 
 * Tue Mar 05 2024 Lukas Javorsky <ljavorsk@redhat.com> - 1:18.19.1-1
 - Rebase to version 18.19.1