IxtliHIGHCVE-2026-3520npmCVSS 7.5
multer
Published
Description
Multer vulnerable to Denial of Service via unhandled exception from malformed request
Affected Versions
>=0
FIXED VERSIONS2.0.22.0.12.1.12.1.0
References
WEBhttps://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-3520WEBhttps://github.com/expressjs/multer/commit/7e66481f8b2e6c54b982b34c152479e096ce2752WEBhttps://cna.openjsf.org/security-advisories.htmlPACKAGEhttps://github.com/expressjs/multerWEBhttps://www.cve.org/CVERecord?id=CVE-2026-3520WEBhttps://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9pADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-7338WEBhttps://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143bWEBhttps://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qgADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-48997WEBhttps://github.com/expressjs/multer/issues/1233WEBhttps://github.com/expressjs/multer/pull/1256WEBhttps://github.com/expressjs/multer/commit/35a3272b611945155e046dd5cef11088587635e9WEBhttps://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mcADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-2359WEBhttps://github.com/expressjs/multer/commit/cccf0fe0e64150c4f42ccf6654165c0d66b9adabWEBhttps://www.cve.org/CVERecord?id=CVE-2026-2359WEBhttps://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32pADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-3304WEBhttps://github.com/expressjs/multer/commit/739919097dde3921ec31b930e4b9025036fa74eeWEBhttps://www.cve.org/CVERecord?id=CVE-2026-3304