{"vulnerability": "cve-2026-21440", "sightings": [{"uuid": "c8dd3c85-9503-42ba-8703-286775fdccc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/adonisjs.com/post/3mbhaymfvtk2m", "content": "", "creation_timestamp": "2026-01-02T15:55:33.789581Z"}, {"uuid": "aec08950-24cb-4245-a6a0-534c7a70ea11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mbnfq3sjaq2a", "content": "", "creation_timestamp": "2026-01-05T02:36:13.217980Z"}, {"uuid": "c104d72c-6a83-4a36-8320-adbbea123413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/cyberdudebivash.bsky.social/post/3mbntjjaegs26", "content": "", "creation_timestamp": "2026-01-05T06:43:12.341514Z"}, {"uuid": "2d2a82e9-ed2b-4714-8f3f-1bce57efb121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mbpgavoiqr2i", "content": "", "creation_timestamp": "2026-01-05T21:50:56.957199Z"}, {"uuid": "176fc030-cd84-413b-bce1-d4793ace7020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/cybersentinel404.bsky.social/post/3mbqfa6oap22m", "content": "", "creation_timestamp": "2026-01-06T07:05:18.819234Z"}, {"uuid": "8e8ccaf4-1e13-4ed3-a3f7-d1e5782993dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://thehackernews.com/2026/01/critical-adonisjs-bodyparser-flaw-cvss.html", "content": "", "creation_timestamp": "2026-01-06T02:30:00.000000Z"}, {"uuid": "a37b6340-c202-4a95-8226-a55f5dc89cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mbqp522cz72t", "content": "", "creation_timestamp": "2026-01-06T10:02:31.266560Z"}, {"uuid": "8004855c-05fb-4c39-a99f-3d296e48af4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/jfreeg.bsky.social/post/3mbrbuzvqq72u", "content": "", "creation_timestamp": "2026-01-06T15:38:03.480974Z"}, {"uuid": "8e269b35-fa52-4c37-a8e6-26e43eb33d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-21440", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mbrzhry52q2i", "content": "", "creation_timestamp": "2026-01-06T22:40:09.226119Z"}, {"uuid": "88b2c735-5a02-46b1-9a5b-efbc5e69a724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://gist.github.com/Darkcrai86/bca76737cd96c6c4779d5bbe95da1ceb", "content": "", "creation_timestamp": "2026-01-07T08:54:52.000000Z"}, {"uuid": "149407b7-1118-4f22-8a9b-9bf5d7b35daf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115873629012265364", "content": "", "creation_timestamp": "2026-01-11T00:27:44.191837Z"}, {"uuid": "4e297d87-bf11-4d88-87f9-adc42a502372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mctk7x4n3r22", "content": "", "creation_timestamp": "2026-01-20T06:37:50.332863Z"}, {"uuid": "ec657026-0d5c-49d3-b642-564835bef579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://gist.github.com/alon710/ba3e09576fab94743e09cd5958c53dc4", "content": "", "creation_timestamp": "2026-01-24T22:43:33.000000Z"}, {"uuid": "85a3a5dd-6791-4da9-89c3-8f9dc4d8e88d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "Telegram/OYffpMdaBj2T2f8vD_3Xr2_N56biRnySAWVcO0fFYvIpjNs", "content": "", "creation_timestamp": "2026-01-02T21:57:38.000000Z"}, {"uuid": "a9a8fdc1-a942-4005-83e6-20d176051d16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "Telegram/NXxnKLZ_SaBlQTQxt0WJ9c3G9QPSHY40ZYnU5qA6mvG8vUA", "content": "", "creation_timestamp": "2026-01-05T21:00:04.000000Z"}, {"uuid": "81aaba01-a31a-4874-86a8-0b60ee2aab7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "Telegram/qUetMMv-HK1oQwJas4GX4P7wDAvJ3XwKL0qR6OHS3UZhcSw", "content": "", "creation_timestamp": "2026-01-05T23:00:15.000000Z"}, {"uuid": "00024b02-2231-4927-b6c7-6bf359ebcc1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "Telegram/cS3DmVnr5ehL96ysFrnia18U4ZasPNDN-vYIY_B3O_WqA4s", "content": "", "creation_timestamp": "2026-01-06T03:00:07.000000Z"}, {"uuid": "d339e547-4c57-448e-a002-114f8d37af2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "Telegram/aWR128lhwJymodLcrmwWhtlvPdy6mxCe1FAPURoGGD7JQA", "content": "", "creation_timestamp": "2026-01-06T07:40:05.000000Z"}, {"uuid": "9a11033d-de68-4f59-9854-572cd228b2e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "Telegram/6iE0nKJNWh7FFsElF-Vn8SgE64Y9mO70k9zXifBVBcDVphM", "content": "", "creation_timestamp": "2026-01-08T09:00:04.000000Z"}, {"uuid": "91947145-a8c7-4c55-bb03-e27952c9b2ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "Telegram/IdFsQFF7qAFmuBT8GRX-TAi1kGUAf0P6jtuhMSMCgA-bGeo", "content": "", "creation_timestamp": "2026-01-08T03:00:12.000000Z"}, {"uuid": "2ab4447e-9767-4395-890e-1d1a06653056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://t.me/brutsecurity/2446", "content": "\ud83c\udd98CVE-2026-21440: A critical path traversal vulnerability affecting the AdonisJS framework, specifically its multipart file upload handling.\n\n\u27a1\ufe0fPoC Exploit: https://github.com/Ashwesker/Ashwesker-CVE-2026-21440", "creation_timestamp": "2026-07-09T03:00:06.089585Z"}, {"uuid": "44e7711d-da26-49ba-941d-93d49f5ad7f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://t.me/brutsecurity/2446", "content": "\ud83c\udd98CVE-2026-21440: A critical path traversal vulnerability affecting the AdonisJS framework, specifically its multipart file upload handling.\n\n\u27a1\ufe0fPoC Exploit: https://github.com/Ashwesker/Ashwesker-CVE-2026-21440", "creation_timestamp": "2026-07-10T00:00:13.504716Z"}, {"uuid": "6b8f52b0-1768-4b54-a9bb-7feac4179b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/2446", "content": "\ud83c\udd98CVE-2026-21440: A critical path traversal vulnerability affecting the AdonisJS framework, specifically its multipart file upload handling.\n\n\u27a1\ufe0fPoC Exploit: https://github.com/Ashwesker/Ashwesker-CVE-2026-21440", "creation_timestamp": "2026-07-11T11:00:04.818204Z"}, {"uuid": "8433e11f-970f-4f35-abda-1f3f28abad0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/2446", "content": "\ud83c\udd98CVE-2026-21440: A critical path traversal vulnerability affecting the AdonisJS framework, specifically its multipart file upload handling.\n\n\u27a1\ufe0fPoC Exploit: https://github.com/Ashwesker/Ashwesker-CVE-2026-21440", "creation_timestamp": "2026-07-12T00:00:51.452197Z"}, {"uuid": "c5d91ef7-cc63-4519-b2d5-4a79d87d7db5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "seen", "source": "https://t.me/securixy_kz/1283", "content": "\ud83d\udea8 \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 AdonisJS Bodyparser (CVE\u20112026\u201121440)  \n\u041a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 Node.js / NPM, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0438\u0439 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 multipart\u2011\u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440. \u041f\u0440\u044f\u043c\u043e\u0439 \u043f\u0443\u0442\u044c \u043a RCE \ud83d\ude0f\n\n\u26a1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c  \n\u041c\u043e\u0434\u0443\u043b\u044c @adonisjs/bodyparser, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0432 AdonisJS (TypeScript\u2011\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u0434\u043b\u044f Node.js), \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u0438 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0444\u0430\u0439\u043b\u043e\u0432.  \n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 multipart\u2011\u0437\u0430\u043f\u0440\u043e\u0441 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u043b\u044e\u0431\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e, \u043e\u0431\u0445\u043e\u0434\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f.  \n\u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f.\n\n\ud83c\udfaf \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f  \n\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f backend\u2011\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432, \u043f\u043e\u0434\u043c\u0435\u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0437\u043b\u043e\u043c \u043f\u0440\u0438 \u0441\u043b\u0430\u0431\u043e\u0439 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438.\n\n\ud83d\udee1\ufe0f \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f  \n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 10.1.2 \u0438 11.0.0\u2011next.6.  \n\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c. \u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0439\u0442\u0435 \u0432\u0441\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 multipart\u2011endpoint\u2019\u044b \u0438 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0434\u043b\u044f upload\u2019\u043e\u0432.\n\n\ud83d\udd17 \u0414\u0435\u0442\u0430\u043b\u0438  \nhttps://radar.offseq.com/threat/cve-2026-21440-cwe-22-improper-limitation-of-a-pat-1ab6f0b6", "creation_timestamp": "2026-07-12T22:00:06.356918Z"}, {"uuid": "39c9969a-78c7-4c08-84d9-cfb313e694c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-21440", "type": "published-proof-of-concept", "source": "https://t.me/securixy_kz/1283", "content": "\ud83d\udea8 \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 AdonisJS Bodyparser (CVE\u20112026\u201121440)  \n\u041a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 Node.js / NPM, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0438\u0439 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 multipart\u2011\u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440. \u041f\u0440\u044f\u043c\u043e\u0439 \u043f\u0443\u0442\u044c \u043a RCE \ud83d\ude0f\n\n\u26a1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c  \n\u041c\u043e\u0434\u0443\u043b\u044c @adonisjs/bodyparser, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0432 AdonisJS (TypeScript\u2011\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u0434\u043b\u044f Node.js), \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u0438 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0444\u0430\u0439\u043b\u043e\u0432.  \n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 multipart\u2011\u0437\u0430\u043f\u0440\u043e\u0441 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u043b\u044e\u0431\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e, \u043e\u0431\u0445\u043e\u0434\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f.  \n\u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f.\n\n\ud83c\udfaf \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f  \n\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f backend\u2011\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432, \u043f\u043e\u0434\u043c\u0435\u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0437\u043b\u043e\u043c \u043f\u0440\u0438 \u0441\u043b\u0430\u0431\u043e\u0439 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438.\n\n\ud83d\udee1\ufe0f \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f  \n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 10.1.2 \u0438 11.0.0\u2011next.6.  \n\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c. \u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0439\u0442\u0435 \u0432\u0441\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 multipart\u2011endpoint\u2019\u044b \u0438 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0434\u043b\u044f upload\u2019\u043e\u0432.\n\n\ud83d\udd17 \u0414\u0435\u0442\u0430\u043b\u0438  \nhttps://radar.offseq.com/threat/cve-2026-21440-cwe-22-improper-limitation-of-a-pat-1ab6f0b6", "creation_timestamp": "2026-07-13T00:00:16.084030Z"}]}