CVE-2026-5038 | multer up to 2.1.x/3.0.0-alpha.1 Multipart Upload Readable.pipe cleanup (GHSA-3p4h-7m6x-2hcm)

Inserito da Angelo Barbosa | Giu 15, 2026 | CVE

A vulnerability classified as problematic has been found in multer up to 2.1.x/3.0.0-alpha.1. This impacts the function Readable.pipe of the component Multipart Upload Handler. Performing a manipulation results in incomplete cleanup.

This vulnerability is cataloged as CVE-2026-5038. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-5038 | multer up to 2.1.x/3.0.0-alpha.1 Multipart Upload Readable.pipe cleanup (GHSA-3p4h-7m6x-2hcm)

Post correlati

CVE-2025-57697 | AstrBot 3.5.22 entities.py _encode_image_bs64 path traversal

CVE-2024-0469 | code-projects Human Resource Integrated System 1.0 update_personal_info.php sex sql injection

CVE-2024-27703 | Leantime 3.0.6 to-do title cross site scripting

CVE-2022-4981 | DCMTK up to 3.6.7 dcmqrscp /dcmqrcnf.cc readPeerList null pointer dereference (Issue 1026 / 957fb31e5)