EUVD-2025-198982

🗓️ 25 Nov 2025 14:20:21Reported by EUVDType

Vulnerability in body-parser 2.2.0 enables denial of service via many URL-encoded parameters; fixed in 2.2.1.

Reporter	Title	Published	Views	Family All 40
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	6 Feb 202617:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple node modules (CVE-2025-64718, CVE-2025-64756, CVE-2025-13466 & CVE-2025-65945)	22 Dec 202511:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service due to body-parser	30 Mar 202615:20	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in body-parser-2.2.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-13466)	24 Feb 202619:20	–	ibm
IBM Security Bulletins	Security Bulletin: The Log Source Management App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	16 Mar 202618:20	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service (CVE-2025-12758, CVE-2025-13466, CVE-2025-14874) and loss of confidentiality (CVE-2025-65945)	5 Feb 202612:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to a denial of service CVE-2025-13466	8 Jun 202617:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge	10 Mar 202607:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in watsonx.data	9 May 202608:59	–	ibm
IBM Security Bulletins	Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerabilities in body-parser (CVE-2025-13466) and qs (CVE-2025-15284, CVE-2026-2391)	25 Feb 202616:10	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "22ee7508-a998-35bd-b10b-7aa005321b01",
        "vendor": {
          "name": "body-parser"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "6e715418-abbf-32b1-b03d-2c2962f905a2",
        "product": {
          "name": "body-parser"
        },
        "product_version": "2.2.0"
      }
    ]
  }
]

Source	Link
github	www.github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-13466
github	www.github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63
github	www.github.com/expressjs/body-parser/releases/tag/v2.2.1

25 Nov 2025 18:09Current

6.3Medium risk

Vulners AI Score6.3

CVSS 46.9

EPSS0.00035

SSVC