CWE-1321: CWE-1321

CVE-2024-38999 is a prototype pollution vulnerability in requirejs v2.3.6 that allows attackers to inject arbitrary properties into object prototypes,...

CVE-2024-39008 is a prototype pollution vulnerability in robinweser's fast-loops library version 1.1.3 that allows attackers to inject arbitrary prope...

CVE-2026-26021 is a prototype pollution vulnerability in the npm package set-in that allows attackers to modify Object.prototype through crafted array...

CVE-2025-61140 is a prototype pollution vulnerability in jsonpath 1.1.1 that allows attackers to modify object prototypes, potentially leading to remo...

This CVE describes a prototype pollution vulnerability in the Elysia TypeScript framework that, when combined with a separate advisory (GHSA-8vch-m3f4...

CVE-2025-49223 is a prototype pollution vulnerability in billboard.js that allows attackers to inject arbitrary properties into objects, potentially l...

CVE-2024-38988 is a prototype pollution vulnerability in alizeait unflatto versions up to 1.0.2 that allows attackers to inject arbitrary properties i...

This CVE describes a Prototype Pollution vulnerability in Aliconnect /sdk version 0.0.6 that allows attackers to execute arbitrary code through the ai...

This CVE describes a Prototype Pollution vulnerability in the Quick Learn WordPress plugin that allows attackers to inject arbitrary objects into the ...

CVE-2024-45435 is a prototype pollution vulnerability in Chartist.js that allows attackers to modify object prototypes, potentially leading to remote ...

CVE-2024-38989 is a prototype pollution vulnerability in izatop bunt's qs.js component that allows attackers to inject arbitrary properties into objec...

CVE-2024-38983 is a prototype pollution vulnerability in the alykoshin mini-deep-assign npm package version 0.0.8 that allows attackers to modify Java...

CVE-2024-39011 is a prototype pollution vulnerability in chargeover redoc v2.0.9-rc.69 that allows attackers to modify JavaScript object prototypes, p...

This CVE describes a prototype pollution vulnerability in allpro form-manager version 0.7.4 that allows attackers to inject arbitrary properties into ...

CVE-2024-38986 is a prototype pollution vulnerability in the 75lb deep-merge library version 1.1.1 that allows attackers to modify object prototypes, ...

This CVE describes a prototype pollution vulnerability in ag-grid-community and ag-grid-enterprise versions 31.3.2 via the _.mergeDeep function. Attac...

CVE-2024-39014 is a prototype pollution vulnerability in ahilfoley cahil/utils v2.3.2 that allows attackers to inject arbitrary properties into object...

CVE-2024-36573 is a prototype pollution vulnerability in almela obx versions before 0.0.4 that allows attackers to modify JavaScript object prototypes...

CVE-2024-36582 is a prototype pollution vulnerability in the alexbinary object-deep-assign npm package that allows attackers to modify object prototyp...

This vulnerability in the nora-firebase-common library allows remote attackers to execute arbitrary code by sending a crafted script to the updateStat...

CVE-2024-29650 is a prototype pollution vulnerability in @thi.ng/paths library that allows remote attackers to execute arbitrary code via the mutIn an...

This vulnerability in JSONata allows malicious expressions to override properties on the Object constructor and prototype, potentially leading to deni...

This CVE describes a prototype pollution vulnerability in plotly.js that allows attackers to modify object prototypes through plot API calls. This aff...

A prototype pollution vulnerability in hello.js version 1.18.6 allows attackers to modify JavaScript object prototypes, potentially leading to arbitra...

CVE-2023-3696 is a prototype pollution vulnerability in Mongoose ODM library versions prior to 7.3.4. This allows attackers to inject arbitrary proper...

This vulnerability in Parse Server allows attackers to perform prototype pollution attacks that can lead to remote code execution through the MongoDB ...

CVE-2023-2972 is a prototype pollution vulnerability in antfu/utils library versions prior to 0.7.3. This allows attackers to inject properties into J...

CVE-2023-30363 is a prototype pollution vulnerability in vConsole v3.15.0 that allows attackers to modify JavaScript object prototypes, potentially le...

CVE-2022-2564 is a prototype pollution vulnerability in Mongoose, a MongoDB object modeling tool for Node.js. It allows attackers to inject arbitrary ...

CVE-2022-1295 is a prototype pollution vulnerability in fullpage.js that allows attackers to modify JavaScript object prototypes, potentially leading ...

This CVE describes a prototype pollution vulnerability in Sails.js versions up to 1.4.0 that allows attackers to modify JavaScript object prototypes. ...

CVE-2022-22912 is a prototype pollution vulnerability in the Plist.js library's .parse() function that allows attackers to modify object prototypes. T...

The realms-shim package is vulnerable to sandbox bypass via prototype pollution, allowing attackers to modify JavaScript object prototypes and potenti...

The realms-shim package is vulnerable to sandbox bypass via prototype pollution, allowing attackers to modify JavaScript object prototypes and potenti...

CVE-2021-3815 is a prototype pollution vulnerability in utils.js that allows attackers to modify object prototypes, potentially leading to denial of s...

CVE-2021-3918 is a prototype pollution vulnerability in the json-schema library that allows attackers to modify object prototypes, potentially leading...

CVE-2021-23449 is a Prototype Pollution vulnerability in the vm2 sandbox package that allows attackers to escape the sandbox and execute arbitrary cod...

CVE-2021-3666 is a prototype pollution vulnerability in the body-parser-xml npm package that allows attackers to inject arbitrary properties into Java...

CVE-2021-3766 is a prototype pollution vulnerability in objection.js that allows attackers to modify object prototypes, potentially leading to remote ...

CVE-2021-3757 is a prototype pollution vulnerability in the immer JavaScript library that allows attackers to modify object prototypes, potentially le...

CVE-2021-25953 is a prototype pollution vulnerability in the 'putil-merge' npm package that allows attackers to modify object prototypes, potentially ...

This is a prototype pollution vulnerability in the 'just-safe-set' npm package that allows attackers to modify object prototypes, potentially leading ...

CVE-2021-25948 is a prototype pollution vulnerability in the 'expand-hash' npm package that allows attackers to modify JavaScript object prototypes. T...

This is a prototype pollution vulnerability in the 'nestie' JavaScript library that allows attackers to modify object prototypes, potentially leading ...

CVE-2021-26707 is a prototype pollution vulnerability in the merge-deep Node.js library that allows attackers to modify Object.prototype properties. T...

CVE-2021-25945 is a prototype pollution vulnerability in the 'js-extend' npm package that allows attackers to modify JavaScript object prototypes, pot...

CVE-2021-25944 is a prototype pollution vulnerability in the 'deep-defaults' npm package versions 1.0.0 through 1.0.5. This allows attackers to modify...

CVE-2021-25946 is a prototype pollution vulnerability in nconf-toml, a Node.js configuration file parser. It allows attackers to modify object prototy...

CVE-2021-25941 is a prototype pollution vulnerability in the 'deep-override' npm package versions 1.0.0 through 1.0.1. This allows attackers to modify...

CVE-2021-25927 is a prototype pollution vulnerability in the 'safe-flat' npm package versions 2.0.0 through 2.0.1. This allows attackers to modify obj...