ROOT-APP-NPM-CVE-2026-3520 CVE-2026-3520 in @rootio/multer - Patched by Root

Root has patched CVE-2026-3520 in the @rootio/multer package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2026-2359 CVE-2026-2359 in @rootio/multer - Patched by Root

Root has patched CVE-2026-2359 in the @rootio/multer package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2025-47935 CVE-2025-47935 in @rootio/multer - Patched by Root

Root has patched CVE-2025-47935 in the @rootio/multer package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2026-3304 CVE-2026-3304 in @rootio/multer - Patched by Root

Root has patched CVE-2026-3304 in the @rootio/multer package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2025-47944 CVE-2025-47944 in @rootio/multer - Patched by Root

Root has patched CVE-2025-47944 in the @rootio/multer package for Root:npm. Multiple fixed versions available...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in multer-2.0.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in multer-2.0.2.tgz Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of...

Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench

Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.1.2 Vulnerability Details CVEID:CVE-2026-6951 DESCRIPTION: Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that block...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in multer-2.0.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in multer-2.0.2.tgz Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of...

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in Node.js

Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in Node.js and LangChain. CVE-2026-2359, CVE-2026-3304, CVE-2026-3520, CVE-2026-29063, CVE-2026-24001, CVE-2025-69873, CVE-2026-31808. The vulnerabilities have been addressed. Vulnerability Detail...

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial...

Security Bulletin: IBM Application Modernization Accelerator is vulnerable to multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to...

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js module Multer (CVE-2026-2359, CVE-2026-3304 & CVE-2026-3520)

Summary The IBM App Connect Enterprise Connector Discovery and OpenAPI Editor is vulnerable to multiple vulnerabilities due to Node.js module Multer. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer...

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple node modules.

Summary IBM App Connect Enterprise runtime, IBM App Connect Enterprise Connector Discovery and OpenAPI Editor and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to multiple node modules. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer ...

MAL-2026-2378 Malicious code in node-multer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fd13a20e1e6edfd702b510f8205a60c9826a214ac27b04e1c6b48dee5f74d76 The package node-multer was found to contain malicious code...

Malicious code in node-multer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fd13a20e1e6edfd702b510f8205a60c9826a214ac27b04e1c6b48dee5f74d76 The package node-multer was found to contain malicious code...

MAL-2026-2343 Malicious code in chain-multer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53cc34f0f3bb0c4829ea6a271ba921ebdd97ea8272285dbc159f5ede247d27ff The package chain-multer was found to contain malicious code...

Malicious code in chain-multer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53cc34f0f3bb0c4829ea6a271ba921ebdd97ea8272285dbc159f5ede247d27ff The package chain-multer was found to contain malicious code...

Exploit for CVE-2026-3304

CVE-2026-3304 Lab Environment This repository is a vulner...

Multer Vulnerable to Denial of Service via Uncontrolled Recursion

Impact A vulnerability in Multer versions 2.1.1 allows an attacker to trigger a Denial of Service DoS by sending malformed requests, potentially causing stack overflow. Patches Users should upgrade to 2.1.1 Workarounds None Resources -...

EUVD-2026-9423

Multer Vulnerable to Denial of Service via Uncontrolled Recursion...