From 1dc273462ec956d7d9651709747ba9f4ff3529e9 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 4 Dec 2025 09:46:13 +0000
Subject: [PATCH] fix: server/package.json & server/package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEMAILER-14157156
---
 server/package-lock.json | 8 ++++----
 server/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/server/package-lock.json b/server/package-lock.json
index 2b61f668..a91f2599 100644
--- a/server/package-lock.json
+++ b/server/package-lock.json
@@ -23,7 +23,7 @@
         "mongodb": "^6.14.2",
         "mongoose": "^8.9.5",
         "multer": "^1.4.5-lts.2",
-        "nodemailer": "^6.10.0",
+        "nodemailer": "^7.0.11",
         "rimraf": "^6.0.1",
         "validator": "^13.12.0",
         "winston": "^3.17.0"
@@ -6130,9 +6130,9 @@
       "dev": true
     },
     "node_modules/nodemailer": {
-      "version": "6.10.0",
-      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.10.0.tgz",
-      "integrity": "sha512-SQ3wZCExjeSatLE/HBaXS5vqUOQk6GtBdIIKxiFdmm01mOQZX/POJkO3SUX1wDiYcwUOJwT23scFSC9fY2H8IA==",
+      "version": "7.0.11",
+      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-7.0.11.tgz",
+      "integrity": "sha512-gnXhNRE0FNhD7wPSCGhdNh46Hs6nm+uTyg+Kq0cZukNQiYdnCsoQjodNP9BQVG9XrcK/v6/MgpAPBUFyzh9pvw==",
       "license": "MIT-0",
       "engines": {
         "node": ">=6.0.0"
diff --git a/server/package.json b/server/package.json
index 9a79bd55..0e7b97d8 100644
--- a/server/package.json
+++ b/server/package.json
@@ -34,7 +34,7 @@
     "mongodb": "^6.14.2",
     "mongoose": "^8.9.5",
     "multer": "^1.4.5-lts.2",
-    "nodemailer": "^6.10.0",
+    "nodemailer": "^7.0.11",
     "rimraf": "^6.0.1",
     "validator": "^13.12.0",
     "winston": "^3.17.0"