2 matches found
EUVD-2026-16888
Locutus has Prototype Pollution via proto Key Injection in unserialize...
Prototype Pollution
Overview ts-nodash is a Provides object manipulation tools. Affected versions of this package are vulnerable to Prototype Pollution via the Merge function due to lack of validation input. PoC const nodash = require"ts-nodash"; let obj = ; console.log"Before being polluted: " + obj.polluted; var...