@adonisjs/bodyparser

npm3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting @adonisjs/bodyparserpage 1 of 1

CVE-2026-21440CRITICALCVSS 9.2EG 0.0✓ Fixed in 11.0.0-next.6
2026-01-02
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/b…
CVE-2026-25754HIGHCVSS 7.2EG 7.2✓ Fixed in 10.1.3
2026-02-06
AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a prototype pollution vulnerability in AdonisJS multipart form-data parsing may allow a remote attacker to manipulate object prototypes at runtime. T…
CVE-2026-25762HIGHCVSS 7.5EG 7.5✓ Fixed in 10.1.3
2026-02-06
AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a denial of service (DoS) vulnerability exists in the multipart file handling logic of @adonisjs/bodyparser. When processing file uploads, the multip…

Check whether @adonisjs/bodyparser is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for @adonisjs/bodyparser CVEs against the assets you own.

Start Free Scan →