1. path-to-regexp Patches CVE-2026-4926 and CVE-2026-4923 in Version 8.4.0 Security Update
The path-to-regexp library has been updated to version 8.4.0, addressing two documented security vulnerabilities identified as CVE-2026-4926 and CVE-2026-4923. The update includes fixes that restrict wildcard backtracking when more than one wildcard appears in a path, a pattern that could otherwise expose applications ...