fast-xml-parser CVE-2026-25128

[paulrrogers]

Describe the bug

OpenAPI Sampler depends upon a vulnerable version of fast-xml-parser: GHSA-37qj-frw5-hhjh

To Reproduce

Expected behavior

Logs

OpenAPI description

Redocly version(s)

Node.js version(s)

OS, environment

Additional context

[tatomyr]

Depends on https://github.com/Redocly/redocly/issues/20672.

[bolddp]

Depends on https://github.com/Redocly/redocly/issues/20672.

Link returns 404 Not found

[wand2016]

Redocly/openapi-sampler#188
Redocly/openapi-sampler#189

[tatomyr]

@bolddp it's our internal issue. Posted to have it linked. Sorry for confusion.