PT-2026-6811 · Unknown+1 · @Adonisjs/Bodyparser+1

Zeroxjacks

Publicado

2026-02-06

Atualizado

2026-02-09

CVE-2026-25762

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions AdonisJS versions prior to 10.1.3 AdonisJS versions prior to 11.0.0-next.9

Description A denial of service (DoS) issue exists in the multipart file handling logic of the @adonisjs/bodyparser package. The multipart parser may accumulate an unbounded amount of data in memory when attempting to detect file types, potentially leading to excessive memory consumption and process termination.

Recommendations Update to AdonisJS version 10.1.3 or later. Update to AdonisJS version 11.0.0-next.9 or later.

Exploit

Correção

DoS

Allocation of Resources Without Limits

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-770CWE-400

Identificadores relacionados

CVE-2026-25762

GHSA-XX9G-FH25-4Q64

Produtos afetados

@Adonisjs/Bodyparser

Adonisjs

PT-2026-6811 · Unknown+1 · @Adonisjs/Bodyparser+1

CVE-2026-25762

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12