CVE-2026-15607
TanStack DB up to 0.6.8 contains a vulnerability in the Alias Path Handler’s select function (src/query/compiler/select.ts) that allows improperly controlled modification of object prototype attributes (prototype pollution). Impacted component: TanStack DB; vulnerability arises from the select fu...