Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench

Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.1.2 Vulnerability Details CVEID:CVE-2026-6951 DESCRIPTION: Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that block...

CVE-2026-3304

A flaw was found in Multer, a Node.js middleware. A remote attacker could exploit this vulnerability by sending specially crafted malformed requests. This could lead to resource exhaustion, resulting in a Denial of Service DoS for the application using Multer...

02url-querystring-http (>=1.0.1 <=1.0.4), 1-0-5-hai-aage-dekhte-hein-kya-aat-hai (>=1.0.5 <=1.0.6) +12780 more potentially affected by CVE-2026-3304 via multer (>=0.0.5 <=2.0.2)

multer NPM version =0.0.5, =1.0.1, =1.0.5, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.3 - 6e-alpha-backend-admin =1.0.0 and more Source cves: CVE-2026-3304 Source advisory: OSV:GHSA-XF7R-HGR6-V32P...

4591-libs (>=0.0.1 <=0.2.0), @10abdullahbutt/nestjs-boilerplate (=0.0.1) +1494 more potentially affected by CVE-2026-3304 via multer (>=2.0.0-alpha.2 <=2.0.2)

multer NPM version =2.0.0-alpha.2, =0.0.1, =0.0.1-alpha.1, =0.0.1-alpha.9, =0.0.0-alpha.119, =1.2.1, =0.0.1, =1.0.0, =0.1.1, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.2, =0.0.10, =0.6.2 and more Source cves: CVE-2026-3304 Source advisory: SNYK:JS-MULTER-15365918...

CVE-2026-3304 Multer vulnerable to Denial of Service via incomplete cleanup

Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service DoS by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch...