7 matches found
CVE-2026-15538
A flaw was found in PrimeFaces PrimeReact. A remote attacker can exploit a weakness in the ObjectUtils.mutateFieldData function within the component API. This allows for the improper modification of object prototype attributes, potentially leading to unexpected behavior or further attacks. This...
EUVD-2026-43294
A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulation of the argument Field causes improperly controlled modification of object prototype attributes. The attack is possible to be...
CVE-2026-15538
A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulation of the argument Field causes improperly controlled modification of object prototype attributes. The attack is possible to be...
CVE-2026-15538 primefaces primereact API ObjectUtils.mutateFieldData prototype pollution
A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulation of the argument Field causes improperly controlled modification of object prototype attributes. The attack is possible to be...
CVE-2026-15538
CVE-2026-15538 affects PrimeFaces PrimeReact up to 10.9.8. The vulnerability is in the API function ObjectUtils.mutateFieldData, where manipulation of the argument Field enables prototype attribute modification (prototype pollution). The attack is stated as remotely exploitable. The issue notes t...
Malicious code in primereact-sass-theme (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc148ba6f2b6ad7d439003a3b980ba24d27a619fda1198bfa32adfc54d5bb350 Any computer that has this package installed or running should be considered...
MAL-2025-4574 Malicious code in primereact-sass-theme (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc148ba6f2b6ad7d439003a3b980ba24d27a619fda1198bfa32adfc54d5bb350 Any computer that has this package installed or running should be considered...