3 matches found
@brikcss/rollup-config-generator (>=0.0.15 <=0.0.16), @brikcss/stakcss (>=0.0.0 <=0.9.1) +9 more potentially affected by CVE-2026-6594 via @brikcss/merge (>=1.0.7 <=1.3.0)
@brikcss/merge NPM version =1.0.7, =0.0.15, =0.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.4, =0.0.1, =0.2.0, =0.10.0 Source cves: CVE-2026-6594 Source advisory: OSV:GHSA-3JC6-6R48-V6QF...
CVE-2026-6594
creationtimestamp| type| source ---|---|--- 2026-04-20 03:15:41+00:00| published-proof-of-concept| Telegram/53YGjSkDbPEnJFokQd7pok6KqRvuzpfctV8oYeRU736c 2026-04-20 03:58:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjvlcl2uzl2h 2026-04-20 05:35:15+00:00| seen|...
CVE-2026-6594 brikcss merge prototype pollution
A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument proto/constructor.prototype/prototype can lead to improperly controlled modification of object prototype attributes. The attack may be performed from remote. The...