
[Aikido] Fix 41 security issues in picomatch, glob, js-yaml and 2 more#217

Closed
aikido-autofix[bot] wants to merge 1 commit into master from fix/aikido-security-update-packages-25548931-1txc

Conversation

@aikido-autofix
Contributor

Upgrade dependencies to fix critical RCE vulnerabilities in prototype pollution, template injection, and protobuf code execution, plus SSRF via proxy bypass.

⚠️ Breaking changes analysis not available for: glob, minimatch, brace-expansion

✅ No breaking changes for: picomatch, js-yaml

✅ 41 CVEs resolved by this upgrade, including 4 critical 🚨 CVEs

This PR will resolve the following CVEs:

| Issue | Severity | Description |
|---|---|---|
| CVE-2026-23736 | 🚨 CRITICAL | [seroval] Improper input validation in JSON deserialization allows malicious object keys to cause prototype pollution, enabling attackers to modify object prototypes and potentially execute arbitrary code or manipulate application behavior. |
| CVE-2026-23737 | HIGH | [seroval] Improper input handling in JSON deserialization allows arbitrary JavaScript code execution through constant value and error deserialization overrides. Attackers can exploit `fromJSON` and `fromCrossJSON` functions via multiple requests to achieve RCE in client-to-server scenarios. |
| CVE-2026-23957 | HIGH | [seroval] A denial of service vulnerability exists where attackers can override encoded array lengths with excessively large values, causing the deserialization process to consume significant processing time and resources. |
| CVE-2026-24006 | HIGH | [seroval] A stack overflow vulnerability occurs when serializing deeply nested objects, causing denial of service. The vulnerability is mitigated by introducing a configurable depth limit parameter that throws an error when exceeded. |
| CVE-2026-23956 | MEDIUM | [seroval] Unsafe RegExp deserialization allows attackers to cause memory exhaustion or trigger ReDoS attacks through malicious regex patterns, leading to denial of service. |
| CVE-2026-4800 | 🚨 CRITICAL | [lodash] A vulnerability in `_.template` allows arbitrary code execution through untrusted key names in `options.imports` or prototype pollution, as validation was incomplete after a prior CVE fix. An attacker can inject malicious code that executes during template compilation. |
| CVE-2025-13465 | MEDIUM | [lodash] A prototype pollution vulnerability in `_.unset` and `_.omit` functions allows attackers to delete methods from global prototypes via crafted paths. While this prevents property overwriting, it can cause denial of service by removing critical functionality. |
| CVE-2026-2950 | MEDIUM | [lodash] Prototype pollution vulnerability in `_.unset` and `_.omit` functions allows attackers to bypass previous fixes using array-wrapped path segments, enabling deletion of properties from built-in prototypes. While this doesn't allow overwriting prototype behavior, it can cause denial of service or unexpected application behavior. |
| CVE-2025-62718 | 🚨 CRITICAL | [axios] Improper hostname normalization in NO_PROXY rule checking allows requests to loopback addresses (`localhost.`, `[::1]`) to bypass proxy protections, enabling proxy bypass and potential SSRF attacks against internal services. This vulnerability permits attackers to reach sensitive services despite configured NO_PROXY protections. |
| CVE-2026-40175 | HIGH | [axios] A prototype pollution vulnerability in Axios can be exploited through gadget chains to escalate into Remote Code Execution (RCE) or bypass AWS IMDSv2 for cloud compromise. This affects any third-party dependencies using the library. |
| CVE-2026-25639 | HIGH | [axios] The `mergeConfig` function crashes with a TypeError when processing configuration objects containing `__proto__` as an own property, allowing attackers to trigger denial of service. An attacker can exploit this by providing a malicious configuration object created via `JSON.parse()`. |
| CVE-2026-39865 | MEDIUM | [axios] A state corruption bug in HTTP/2 session cleanup allows a malicious server to crash the client process through concurrent session closures via improper control flow in session removal logic. |
| AIKIDO-2026-10509 | MEDIUM | [axios] Prototype pollution vulnerability allows attackers to inject malicious headers into requests through unsafe FormData detection and header merging, potentially enabling authorization bypass or request manipulation. |
| CVE-2026-41242 | 🚨 CRITICAL | [protobufjs] Arbitrary code injection vulnerability in protobuf type fields allows attackers to execute malicious code during object decoding. This enables remote code execution (RCE) when processing untrusted protobuf definitions. |
| AIKIDO-2026-10467 | MEDIUM | [protobufjs] Prototype pollution vulnerability in message initialization allows attackers to inject malicious properties via the `__proto__` field, enabling prototype chain manipulation and unintended property injection across the application. |
| CVE-2026-3304 | HIGH | [multer] A vulnerability allows attackers to trigger Denial of Service (DoS) attacks by sending malformed multipart/form-data requests, causing resource exhaustion. This impacts availability by potentially crashing or degrading the application's performance. |
| CVE-2026-2359 | HIGH | [multer] A vulnerability allows attackers to trigger a Denial of Service by dropping connections during file uploads, causing resource exhaustion. This impacts server availability and resource management. |
| CVE-2026-3520 | HIGH | [multer] A vulnerability allows attackers to trigger a Denial of Service (DoS) attack by sending malformed multipart/form-data requests, potentially causing stack overflow and application crashes. |
| CVE-2025-64756 | HIGH | [glob] A command injection vulnerability in the CLI's `-c`/`--cmd` option allows arbitrary code execution when processing files with malicious names, as matched filenames are passed to a shell with shell metacharacters interpreted. |
| CVE-2026-24001 | HIGH | [diff] The `parsePatch` and `applyPatch` methods are vulnerable to denial-of-service attacks when processing patches with specific line break characters (`\r`, `\u2028`, `\u2029`) in filename or patch headers, causing infinite loops and memory exhaustion or ReDoS attacks. |
| CVE-2026-2391 | HIGH | [qs] Comma-separated value parsing bypasses `arrayLimit` enforcement when `comma: true` is enabled, allowing attackers to create arbitrarily large arrays from a single parameter and cause denial-of-service through memory exhaustion. |
| CVE-2025-15284 | MEDIUM | [qs] Improper input validation in array parsing allows the `arrayLimit` option to be bypassed when using bracket notation, enabling potential HTTP DoS attacks when `parameterLimit` is set to high values. The vulnerability inconsistently enforces `arrayLimit` only for indexed notation while ignoring it for bracket notation array syntax. |
| GHSA-r4q5-vmmm-2653 | HIGH | [follow-redirects] Custom authentication headers (e.g., `X-API-Key`, `X-Auth-Token`) are leaked to redirect targets on cross-domain redirects because only standard headers are stripped. This enables attackers to capture sensitive credentials through malicious redirects. |
| GHSA-w5hq-g745-h8pq | MEDIUM | [uuid] v3, v5, and v6 UUID functions silently perform partial writes when provided with out-of-range buffer offsets, unlike v4/v1/v7 which properly throw RangeError, potentially producing malformed identifiers without error. |
| CVE-2026-35515 | MEDIUM | [@nestjs/core] `SseStream._transform()` fails to sanitize newline characters in `message.type` and `message.id` fields, allowing attackers to inject arbitrary Server-Sent Events, spoof event types, and corrupt reconnection state through SSE protocol manipulation. |
| CVE-2025-64718 | MEDIUM | [js-yaml] A prototype pollution vulnerability allows attackers to modify object prototypes through malicious YAML documents, potentially leading to arbitrary code execution or application compromise when parsing untrusted input. |
| AIKIDO-2025-10809 | MEDIUM | [js-yaml] A prototype pollution vulnerability allows attackers to inject malicious keys into object prototypes via crafted YAML input, potentially leading to remote code execution, denial of service, or other security breaches. |
| CVE-2026-2739 | MEDIUM | [bn.js] This affects versions of the package bn.js before 5.2.3. Calling `maskn(0)` on any BN instance corrupts the internal state, causing `toString()`, `divmod()`, and other methods to enter an infinite loop, hanging the process indefinitely. |
| CVE-2026-31808 | MEDIUM | [file-type] A denial of service vulnerability in ASF file type detection allows an attacker to cause an infinite loop by crafting a malicious file with a zero-sized sub-header, stalling the Node.js event loop with a minimal 55-byte payload. |
| CVE-2026-32630 | MEDIUM | [file-type] A crafted ZIP file can trigger excessive memory growth during type detection, causing denial of service. The vulnerability affects buffer, blob, and file-based detection methods due to missing inflate output limits for known-size inputs. |
| AIKIDO-2026-10412 | LOW | [file-type] A parser vulnerability allows attackers to supply crafted files triggering excessive reads/skips through unknown-size stream handling in EBML, PNG, ASF, TIFF, ZIP, and ID3 formats, causing denial of service via high memory or CPU consumption. |
| CVE-2026-33672 | MEDIUM | [picomatch] A method injection vulnerability in POSIX bracket expressions allows specially crafted patterns to reference inherited methods, causing incorrect glob matching behavior that could bypass security-relevant filtering or validation logic. This integrity issue affects applications relying on glob patterns for access control. |
| CVE-2026-33671 | MEDIUM | [picomatch] Regular Expression Denial of Service (ReDoS) vulnerability in extglob pattern processing causes catastrophic backtracking on crafted patterns, allowing attackers to consume excessive CPU and block the event loop when untrusted glob patterns are compiled or matched. |
| CVE-2026-33532 | MEDIUM | [yaml] A stack overflow vulnerability in the YAML parser's node resolution phase allows attackers to trigger a RangeError via deeply nested YAML structures (~2-10 KB), potentially causing denial of service or process termination in applications that don't catch non-YAMLParseError exceptions. |
| CVE-2025-66020 | MEDIUM | [valibot] A Regular Expression Denial of Service (ReDoS) vulnerability in the emoji validation action allows attackers to craft short malicious strings that cause excessive CPU consumption, leading to application denial of service. |
| CVE-2026-26996 | MEDIUM | [minimatch] A Regular Expression Denial of Service (ReDoS) vulnerability exists when glob patterns contain many consecutive `*` wildcards followed by a literal character, causing exponential backtracking with O(4^N) complexity. Applications passing user-controlled strings as patterns to `minimatch()` are vulnerable to severe performance degradation or hangs. |
| CVE-2026-27903 | MEDIUM | [minimatch] A ReDoS vulnerability in glob pattern matching causes unbounded recursive backtracking with multiple GLOBSTAR segments, enabling attackers to stall the event loop for tens of seconds via crafted patterns in build tools, CI/CD pipelines, or multi-tenant systems. |
| CVE-2026-27904 | MEDIUM | [minimatch] Nested extglobs (`*()` and `+()`) generate regexps with catastrophic backtracking, causing severe ReDoS denial-of-service attacks with minimal input patterns triggering multi-second hangs. |
| CVE-2026-33750 | MEDIUM | [brace-expansion] A brace pattern with zero step value causes an infinite loop, leading to denial of service through process hangs and excessive memory allocation. The vulnerability affects string expansion operations when malicious or malformed patterns are processed. |
| AIKIDO-2026-10477 | LOW | [brace-expansion] A denial-of-service vulnerability allows attackers to craft malicious brace patterns with repeated numeric ranges that cause exponential expansion, consuming excessive CPU and memory until process failure. The fix introduces an optional maximum limit parameter to bound expansion work. |
| CVE-2026-4867 | MEDIUM | [path-to-regexp] A bad regular expression is generated when three or more parameters exist in a single segment separated by non-period characters, causing catastrophic backtracking and potential ReDoS (Regular Expression Denial of Service) attacks. This vulnerability can lead to severe performance degradation or denial of service when processing malicious URLs. |

@aikido-autofix
Contributor Author

Closed by Aikido: a new AutoFix has been created → #219

aikido-autofix (bot) closed this Apr 24, 2026
aikido-autofix (bot) deleted the fix/aikido-security-update-packages-25548931-1txc branch April 24, 2026 00:11
