diff --git a/packages/nocodb/package.json b/packages/nocodb/package.json
index 5053ffc378..56e0256dee 100644
--- a/packages/nocodb/package.json
+++ b/packages/nocodb/package.json
@@ -90,7 +90,7 @@
     "cookie-parser": "^1.4.6",
     "cors": "^2.8.5",
     "cron": "^1.8.2",
-    "crypto-js": "^4.0.0",
+    "crypto-js": "^4.2.0",
     "dataloader": "^2.0.0",
     "dayjs": "^1.11.10",
     "debug": "^4.3.4",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 756f5ef94d..43e0a5c123 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -545,8 +545,8 @@ importers:
         specifier: ^1.8.2
         version: 1.8.2
       crypto-js:
-        specifier: ^4.0.0
-        version: 4.0.0
+        specifier: ^4.2.0
+        version: 4.2.0
       dataloader:
         specifier: ^2.0.0
         version: 2.0.0
@@ -12975,8 +12975,8 @@ packages:
     resolution: {integrity: sha512-mCxBlsHFYh9C+HVpiEacem8FEBnMXgU9gy4zmNC+SXAZNB/1idgp/aulFJ4FgCi7GPEVbfyng092GqL2k2rmow==}
     dev: false
 
-  /crypto-js@4.0.0:
-    resolution: {integrity: sha512-bzHZN8Pn+gS7DQA6n+iUmBfl0hO5DJq++QP3U6uTucDtk/0iGpXd/Gg7CGR0p8tJhofJyaKoWBuJI4eAO00BBg==}
+  /crypto-js@4.2.0:
+    resolution: {integrity: sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==}
     dev: false
 
   /crypto-random-string@2.0.0: