5 matches found
CVE-2026-44290
creationtimestamp| type| source ---|---|--- 2026-06-10 09:00:04+00:00| published-proof-of-concept| Telegram/ZHpMnVOz2cJfIOonPjLT3mqz43XsQAtrT-ty2tkYMtXDqE...
CVE-2026-44290
protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...
CVE-2026-44290 protobufjs: Process-wide denial of service through unsafe option paths
protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...
@0xchain/telemetry (>=1.1.0-beta.8 <=1.1.0-beta.18), @20206205tech/nestjs-common (>=0.8.0 <=0.11.3) +958 more potentially affected by CVE-2026-44290 via protobufjs (>=8.0.0 <=8.0.1)
protobufjs NPM version =8.0.0, =1.1.0-beta.8, =0.8.0, =1.0.0, =1.1.4, =0.3.1, =0.3.1, =0.7.1, =0.7.0, =0.8.0 and more Source cves: CVE-2026-44290 Source advisory: SNYK:JS-PROTOBUFJS-16643419...
10minions-engine (>=0.0.1 <=0.0.4), @0xr404/lol404 (>=1.1.0 <=1.1.6) +3276 more potentially affected by CVE-2026-44290 via protobufjs (>=7.0.0 <=7.5.5)
protobufjs NPM version =7.0.0, =0.0.1, =1.1.0, =1.0.1-beta.0, =0.0.2-beta.0, =1.0.0, =1.5.10, =0.10.1, =1.1.0, =6.0.0, =2.0.2, =3.3.2 and more Source cves: CVE-2026-44290 Source advisory: SNYK:JS-PROTOBUFJS-16643419...