CVE-2026-12143HighCVSS 7.5

form-data does not escape CR/LF/quote in multipart field names and filenames (CRLF injection)

Published
June 19, 2026
Last Modified

🔗 CVE IDs covered (1)