body-parser — CVE history (npm)
body-parser
2 CVEs affect the body-parser npm package (highest CVSS 7.5). Latest disclosed: 2025-11-24. Full CVE history sourced from NVD.
Summary
- Package
body-parser(npm)- Total CVEs
2- Actively exploited (CISA KEV)
- 0
- Highest CVSS
7.5- Latest disclosed
- 2025-11-24
Recent CVEs (top 2)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-13466 | — | — | — | 2025-11-24 | body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. |
CVE-2024-45590 | High | 7.5 | — | 2024-09-10 | body-parser is Node.js body parsing middleware. |
All-time worst (top 1 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2024-45590 | High | 7.5 | — | 2024-09-10 | body-parser is Node.js body parsing middleware. |