Search Vulnerabilities

1024bit extend-deep index.js prototype pollution

CVE-2026-6594

brikcss merge prototype pollution

CVE-2026-34622

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)

CVE-2026-34626

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)

CVE-2026-34621

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)

Apr 11, 2026

CVE-2026-40190

LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()`

Apr 10, 2026

CVE-2026-35209

defu: Prototype pollution via `__proto__` key in defaults argument

Apr 6, 2026

CVE-2026-2950

lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`

CVE-2026-34221

MikroORM has Prototype Pollution in Utils.merge

CVE-2026-33994

Locutus Prototype Pollution due to incomplete fix for CVE-2026-25521

CVE-2026-33993

Locutus has Prototype Pollution via __proto__ Key Injection in unserialize()

CVE-2026-33916

Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection

CVE-2026-33672

Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching

Mar 26, 2026

CVE-2026-33696

n8n Vulnerable to Prototype Pollution in XML & GSuiteAdmin node parameters lead to RCE

Mar 25, 2026

CVE-2026-33228

flatted: Prototype Pollution via parse()

CVE-2026-32701

Qwik has array method pollution in FormData processing, allowing type confusion and DoS

CVE-2026-32886

Parse Server's Cloud function dispatch crashes server via prototype chain traversal

CVE-2026-32878

Parse Server vulnerable to schema poisoning via prototype pollution in deep copy

CVE-2026-31865

Elysia Cookie Value Prototype Pollution

CVE-2026-27524

OpenClaw < 2026.2.21 - Prototype Pollution via Debug Override Path

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-6621

1024bit extend-deep index.js prototype pollution

CVE-2026-6594

brikcss merge prototype pollution

CVE-2026-34622

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)

CVE-2026-34626

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)

CVE-2026-34621

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)

Apr 11, 2026

CVE-2026-40190

LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()`

Apr 10, 2026

CVE-2026-35209

defu: Prototype pollution via `__proto__` key in defaults argument

Apr 6, 2026

CVE-2026-2950

lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`

CVE-2026-34221

MikroORM has Prototype Pollution in Utils.merge

CVE-2026-33994

Locutus Prototype Pollution due to incomplete fix for CVE-2026-25521

CVE-2026-33993

Locutus has Prototype Pollution via __proto__ Key Injection in unserialize()

CVE-2026-33916

Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection

CVE-2026-33672

Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching

Mar 26, 2026

CVE-2026-33696

n8n Vulnerable to Prototype Pollution in XML & GSuiteAdmin node parameters lead to RCE

Mar 25, 2026

CVE-2026-33228

flatted: Prototype Pollution via parse()

CVE-2026-32701

Qwik has array method pollution in FormData processing, allowing type confusion and DoS

CVE-2026-32886

Parse Server's Cloud function dispatch crashes server via prototype chain traversal

CVE-2026-32878

Parse Server vulnerable to schema poisoning via prototype pollution in deep copy

CVE-2026-31865

Elysia Cookie Value Prototype Pollution

CVE-2026-27524

OpenClaw < 2026.2.21 - Prototype Pollution via Debug Override Path