CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Expressjs: >> Multer Security Vulnerabilities

CVE-2026-3520

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing stack overflow. Users should upgrade to version 2.1.1 to receive a patch. No known workarounds are available.

CVSS Score

7.5

EPSS Score

0.0

Published

2026-03-04

Page 1

Vulnerabilities

Vulnerable Software

Expressjs: >> Multer Security Vulnerabilities

Products

Pricing

Contact Us