diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 1410f362a..374ed19ff 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -78,6 +78,7 @@ catalogs:
 
 overrides:
   path-to-regexp@<0.1.10: 0.1.10
+  axios@>=1.0.0 <=1.13.4: 1.13.5
   svgo@>=3.0.0 <3.3.3: 3.3.3
   minimatch@<3.1.3: 3.1.4
   axios@<1.12.0: '>=1.12.0'
@@ -4405,8 +4406,8 @@ packages:
     resolution: {integrity: sha512-BASOg+YwO2C+346x3LZOeoovTIoTrRqEsqMa6fmfAV0P+U9mFr9NsyOEpiYvFjbc64NMrSswhV50WdXzdb/Z5A==}
     engines: {node: '>=4'}
 
-  axios@1.13.2:
-    resolution: {integrity: sha512-VPk9ebNqPcy5lRGuSlKx752IlDatOjT9paPlm8A7yOuW2Fbvp4X3JznJtT4f0GzGLLiWE9W8onz51SqLYwzGaA==}
+  axios@1.13.5:
+    resolution: {integrity: sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==}
 
   axobject-query@4.1.0:
     resolution: {integrity: sha512-qIj0G9wZbMGNLjLmg1PT6v2mE9AH2zlnADJD/2tC6E00hgmhUOfEB6greHPAfLRSufHqROIUTkw6E+M3lH0PTQ==}
@@ -11174,14 +11175,14 @@ snapshots:
 
   '@mintlify/models@0.0.255':
     dependencies:
-      axios: 1.13.2
+      axios: 1.13.5
       openapi-types: 12.1.3
     transitivePeerDependencies:
       - debug
 
   '@mintlify/models@0.0.279':
     dependencies:
-      axios: 1.13.2
+      axios: 1.13.5
       openapi-types: 12.1.3
     transitivePeerDependencies:
       - debug
@@ -14006,7 +14007,7 @@ snapshots:
 
   axe-core@4.11.1: {}
 
-  axios@1.13.2:
+  axios@1.13.5:
     dependencies:
       follow-redirects: 1.15.11
       form-data: 4.0.5
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
index 757da2625..855759fea 100644
--- a/pnpm-workspace.yaml
+++ b/pnpm-workspace.yaml
@@ -2,6 +2,9 @@ overrides:
   # Fix CVE-2024-45296 / GHSA-9wv6-86v2-598j: path-to-regexp ReDoS vulnerability
   # Transitive via mintlify -> @mintlify/previewing -> express@4.18.2
   "path-to-regexp@<0.1.10": "0.1.10"
+  # Fix CVE-2026-25639 / GHSA-43fc-jf86-j433: axios DoS via __proto__ in mergeConfig
+  # Transitive via mintlify -> @mintlify/models
+  "axios@>=1.0.0 <=1.13.4": "1.13.5"
   # Fix CVE-2026-29074 / GHSA-xpqw-6gx7-v673: SVGO DoS through entity expansion in DOCTYPE (Billion Laughs)
   # Transitive via @svgr/webpack -> @svgr/plugin-svgo -> svgo
   "svgo@>=3.0.0 <3.3.3": "3.3.3"