CVE-2026-3304

high

Red Hat

CVSS v3 Base Score

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Published: February 27, 2026

Last Modified: February 27, 2026

Vendor: Red Hat

Description

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.

CWE

CWE-459

Affected Products

Logging Subsystem for Red Hat OpenShiftRed Hat Developer HubRed Hat Enterprise Linux 10Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9Red Hat Trusted Profile AnalyzerSelf-service automation portal 2

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 cna.openjsf.org 🔗 github.com

CVE-2026-3304

Vulnerability Report

Description

CWE

Affected Products

References