CRITICAL npm
GHSA-fjxv-7rqg-78g4 · CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary
Modified: 2/4/2026
package
npm / form-data
pkg:npm/form-data
HIGH 7.5 npm
GHSA-hmw2-7cc7-3qxx · CVE-2026-12143 form-data: CRLF injection in form-data via unescaped multipart field names and filenames
Modified: 6/15/2026