diff --git a/package-lock.json b/package-lock.json
index 73c771b5b2..7039a86466 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -11,7 +11,7 @@
       "dependencies": {
         "@babel/runtime": "7.27.0",
         "@babel/runtime-corejs3": "7.27.0",
-        "bcryptjs": "2.3.0",
+        "bcryptjs": "3.0.2",
         "body-parser": "2.2.0",
         "commander": "13.1.0",
         "connect-flash": "0.1.1",
@@ -7825,9 +7825,13 @@
       }
     },
     "node_modules/bcryptjs": {
-      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.3.0.tgz",
-      "integrity": "sha1-WCaQDP73q680JccuTUZN5Qm4wuw="
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.2.tgz",
+      "integrity": "sha512-k38b3XOZKv60C4E2hVsXTolJWfkGRMbILBIe2IBITXciy5bOsTKot5kDrf3ZfufQtQOUN5mXceUEpU1rTl9Uog==",
+      "license": "BSD-3-Clause",
+      "bin": {
+        "bcrypt": "bin/bcrypt"
+      }
     },
     "node_modules/before-after-hook": {
       "version": "3.0.2",
diff --git a/package.json b/package.json
index e290d66ef9..2581c8c9e3 100644
--- a/package.json
+++ b/package.json
@@ -37,7 +37,7 @@
   "dependencies": {
     "@babel/runtime": "7.27.0",
     "@babel/runtime-corejs3": "7.27.0",
-    "bcryptjs": "2.3.0",
+    "bcryptjs": "3.0.2",
     "body-parser": "2.2.0",
     "commander": "13.1.0",
     "connect-flash": "0.1.1",