A vulnerability identified as critical has been detected in form-data up to 2.5.5/3.0.4/4.0.5 . Affected by this issue is some unknown functionality. Performing a manipulation results in crlf injection. This vulnerability is identified as CVE-2026-12143 . The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.