diff --git a/.changeset/silent-experts-share.md b/.changeset/silent-experts-share.md
new file mode 100644
index 00000000..7041c0d4
--- /dev/null
+++ b/.changeset/silent-experts-share.md
@@ -0,0 +1,5 @@
+---
+'serve': patch
+---
+
+Update `serve-handler` to `6.1.7` to fix ReDoS vulnerabilities
diff --git a/package.json b/package.json
index 61c0071b..bdfb4b41 100644
--- a/package.json
+++ b/package.json
@@ -47,7 +47,7 @@
 "clipboardy": "3.0.0",
 "compression": "1.8.1",
 "is-port-reachable": "4.0.0",
- "serve-handler": "6.1.6",
+ "serve-handler": "6.1.7",
 "update-check": "1.5.4"
 },
 "devDependencies": {
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 5f335038..e3b8d371 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -35,8 +35,8 @@ importers: specifier: 4.0.0 version: 4.0.0 serve-handler: - specifier: 6.1.6 - version: 6.1.6 + specifier: 6.1.7 + version: 6.1.7 update-check: specifier: 1.5.4 version: 1.5.4
@@ -3567,6 +3567,12 @@ packages: integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==, } + minimatch@3.1.5: + resolution: + { + integrity: sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==, + } + minimatch@9.0.5: resolution: {
@@ -4303,10 +4309,10 @@ packages: engines: { node: '>=10' } hasBin: true - serve-handler@6.1.6: + serve-handler@6.1.7: resolution: { - integrity: sha512-x5RL9Y2p5+Sh3D38Fh9i/iQ5ZK+e4xuXRd/pGbM4D13tgo/MGwbttUk8emytcr1YYzBYs+apnUngBDFYfpjPuQ==, + integrity: sha512-CinAq1xWb0vR3twAv9evEU8cNWkXCb9kd5ePAHUKJBkOsUpR1wt/CvGdeca7vqumL1U5cSaeVQ6zZMxiJ3yWsg==, } set-function-length@1.2.2:
@@ -7323,6 +7329,10 @@ snapshots: dependencies: brace-expansion: 1.1.11 + minimatch@3.1.5: + dependencies: + brace-expansion: 1.1.11 + minimatch@9.0.5: dependencies: brace-expansion: 2.0.1
@@ -7708,12 +7718,12 @@ snapshots: semver@7.6.3: {} - serve-handler@6.1.6: + serve-handler@6.1.7: dependencies: bytes: 3.0.0 content-disposition: 0.5.2 mime-types: 2.1.18 - minimatch: 3.1.2 + minimatch: 3.1.5 path-is-inside: 1.0.2 path-to-regexp: 3.3.0 range-parser: 1.2.0