On my gaming PC I noticed something interesting - Nvidia installed a NodeJS server on my system. Since I did some application whitelisting research some time ago I used it to bypass application whitelisting. Please note: From a technical perspective I could not find a more critical vulnerability in it. However, from end-user perspective I think nobody wants to have a local NodeJS server running just because Nvidia programmers wanted to code in JavaScript. When I reported this to Nvidia they immediatly fixed it.
You can find the the original blogpost here: Link