diff --git a/package-lock.json b/package-lock.json
index 718f5d85..4fbe8222 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -20,7 +20,7 @@
         "didyoumean": "1.2.2",
         "ejs": "3.1.10",
         "es-main": "1.4.0",
-        "express": "5.1.0",
+        "express": "5.2.0",
         "express-csp-header": "^6.2.0",
         "express-ejs-layouts": "2.5.1",
         "express-session": "^1.18.2",
@@ -9890,18 +9890,19 @@
       }
     },
     "node_modules/express": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/express/-/express-5.1.0.tgz",
-      "integrity": "sha512-DT9ck5YIRU+8GYzzU5kT3eHGA5iL+1Zd0EutOmTE9Dtk+Tvuzd23VBU+ec7HPNSTxXYO55gPV/hq4pSBJDjFpA==",
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/express/-/express-5.2.0.tgz",
+      "integrity": "sha512-XdpJDLxfztVY59X0zPI6sibRiGcxhTPXRD3IhJmjKf2jwMvkRGV1j7loB8U+heeamoU3XvihAaGRTR4aXXUN3A==",
       "license": "MIT",
       "dependencies": {
         "accepts": "^2.0.0",
-        "body-parser": "^2.2.0",
+        "body-parser": "^2.2.1",
         "content-disposition": "^1.0.0",
         "content-type": "^1.0.5",
         "cookie": "^0.7.1",
         "cookie-signature": "^1.2.1",
         "debug": "^4.4.0",
+        "depd": "^2.0.0",
         "encodeurl": "^2.0.0",
         "escape-html": "^1.0.3",
         "etag": "^1.8.1",
diff --git a/package.json b/package.json
index d4eda9ed..7ec985c3 100644
--- a/package.json
+++ b/package.json
@@ -54,7 +54,7 @@
     "didyoumean": "1.2.2",
     "ejs": "3.1.10",
     "es-main": "1.4.0",
-    "express": "5.1.0",
+    "express": "5.2.0",
     "express-csp-header": "^6.2.0",
     "express-ejs-layouts": "2.5.1",
     "express-session": "^1.18.2",