Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

Updated on January 6, 2026

Users of the “@adonisjs/bodyparser” npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could allow a remote attacker to write arbitrary files on the server.
Tracked as CVE-2026-21440 (CVSS score: 9.2), the flaw has been described as a path traversal issue affecting the AdonisJS multipart…

Read the rest of the story at Read More

Source: The Hacker News

December 18, 2024 Uncategorized

Meta Fined €251 Million for 2018 Data ...

October 14, 2024 Uncategorized

Critical Veeam Vulnerability Exploited t...

October 16, 2025 Uncategorized

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

Related posts

Meta Fined €251 Million for 2018 Data ...

Critical Veeam Vulnerability Exploited t...

North Korean Hackers Use EtherHiding to ...

Leave a Comment Cancel reply

Recent News

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t)

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes