diff --git a/package-lock.json b/package-lock.json
index c50281cb56..f72aacf25f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -39,7 +39,7 @@
         "mime": "4.0.4",
         "mongodb": "6.12.0",
         "mustache": "4.2.0",
-        "otpauth": "9.3.5",
+        "otpauth": "9.3.6",
         "parse": "5.3.0",
         "path-to-regexp": "6.3.0",
         "pg-monitor": "2.1.0",
@@ -3159,9 +3159,9 @@
       }
     },
     "node_modules/@noble/hashes": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.5.0.tgz",
-      "integrity": "sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==",
+      "version": "1.6.1",
+      "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.6.1.tgz",
+      "integrity": "sha512-pq5D8h10hHBjyqX+cfBm0i8JUXJ0UhczFc4r74zbuT9XgewFo2E3J1cOaGtdZynILNmQ685YWGzGE1Zv6io50w==",
       "engines": {
         "node": "^14.21.3 || >=16"
       },
@@ -16836,11 +16836,11 @@
       }
     },
     "node_modules/otpauth": {
-      "version": "9.3.5",
-      "resolved": "https://registry.npmjs.org/otpauth/-/otpauth-9.3.5.tgz",
-      "integrity": "sha512-jQyqOuQExeIl4YIiOUz4TdEcamgAgPX6UYeeS9Iit4lkvs7bwHb0JNDqchGRccbRfvWHV6oRwH36tOsVmc+7hQ==",
+      "version": "9.3.6",
+      "resolved": "https://registry.npmjs.org/otpauth/-/otpauth-9.3.6.tgz",
+      "integrity": "sha512-eIcCvuEvcAAPHxUKC9Q4uCe0Fh/yRc5jv9z+f/kvyIF2LPrhgAOuLB7J9CssGYhND/BL8M9hlHBTFmffpoQlMQ==",
       "dependencies": {
-        "@noble/hashes": "1.5.0"
+        "@noble/hashes": "1.6.1"
       },
       "funding": {
         "url": "https://github.com/hectorm/otpauth?sponsor=1"
@@ -23385,9 +23385,9 @@
       }
     },
     "@noble/hashes": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.5.0.tgz",
-      "integrity": "sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA=="
+      "version": "1.6.1",
+      "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.6.1.tgz",
+      "integrity": "sha512-pq5D8h10hHBjyqX+cfBm0i8JUXJ0UhczFc4r74zbuT9XgewFo2E3J1cOaGtdZynILNmQ685YWGzGE1Zv6io50w=="
     },
     "@node-rs/bcrypt": {
       "version": "1.10.7",
@@ -33114,11 +33114,11 @@
       }
     },
     "otpauth": {
-      "version": "9.3.5",
-      "resolved": "https://registry.npmjs.org/otpauth/-/otpauth-9.3.5.tgz",
-      "integrity": "sha512-jQyqOuQExeIl4YIiOUz4TdEcamgAgPX6UYeeS9Iit4lkvs7bwHb0JNDqchGRccbRfvWHV6oRwH36tOsVmc+7hQ==",
+      "version": "9.3.6",
+      "resolved": "https://registry.npmjs.org/otpauth/-/otpauth-9.3.6.tgz",
+      "integrity": "sha512-eIcCvuEvcAAPHxUKC9Q4uCe0Fh/yRc5jv9z+f/kvyIF2LPrhgAOuLB7J9CssGYhND/BL8M9hlHBTFmffpoQlMQ==",
       "requires": {
-        "@noble/hashes": "1.5.0"
+        "@noble/hashes": "1.6.1"
       }
     },
     "p-cancelable": {
diff --git a/package.json b/package.json
index 9865084c7b..69b2f5d83f 100644
--- a/package.json
+++ b/package.json
@@ -48,7 +48,7 @@
     "mime": "4.0.4",
     "mongodb": "6.12.0",
     "mustache": "4.2.0",
-    "otpauth": "9.3.5",
+    "otpauth": "9.3.6",
     "parse": "5.3.0",
     "path-to-regexp": "6.3.0",
     "pg-monitor": "2.1.0",