📄 deephas 1.0.7 Prototype Pollution

The deephas npm package suffers from a prototype pollution vulnerability in versions 1.0.7 and below due to unsafe recursive property assignment without proper hasOwnProperty checks and inadequate path sanitization. Exploit Title: deephas 1.0.7 - Prototype Pollution Google Dork: N/A Date:...

deephas 1.0.7 - Prototype Pollution

Exploit Title: deephas 1.0.7 - Prototype Pollution Google Dork: N/A Date: 2026-02-01 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram: @banyamersecurity Vendor Homepage: https://www.npmjs.com/package/deephas Software Link: https://github.com/sharpred/deepHas Version: =...

Prototype Pollution

deepHas is vulnerable to Prototype Pollution. The vulnerability is due to unsafe handling of nested object keys, where attacker-controlled input can modify properties on JavaScript prototypes, allowing global object behavior to be altered in applications using deephas...

Exploit for CVE-2026-25047

deephas = 1.0.8. References: - GitHub Advisory GHSA-2...

CVE-2026-25047

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

deepHas vulnerable to Prototype Pollution via constructor.prototype

Summary A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8. Details The vulnerability resides in the add function and indexer function implemented within deepHas.js...

GHSA-2733-6C58-PF27 deepHas vulnerable to Prototype Pollution via constructor.prototype

Summary A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8. Details The vulnerability resides in the add function and indexer function implemented within deepHas.js...

Prototype Pollution

Overview deephas is a package to test for existence of nested object key and optionally return that key. Affected versions of this package are vulnerable to Prototype Pollution via the add and indexer functions. An attacker can modify global object behavior and inject arbitrary properties into...

CVE-2026-25047

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

CVE-2026-25047

CVE-2026-25047 affects the deephas npm package, specifically version 1.0.7, which contains a prototype pollution vulnerability in its handling of nested object keys. The issue allows an attacker to modify global object behavior (e.g., via constructor.prototype.polluted or proto .polluted) and can...

CVE-2026-25047 deepHas vulnerable to Prototype Pollution via constructor.prototype

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

CVE-2026-25047 deepHas vulnerable to Prototype Pollution via constructor.prototype

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

EUVD-2026-4946

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

CVE-2026-25047 deepHas vulnerable to Prototype Pollution via constructor.prototype

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

CVE-2026-25047

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

deepHas security vulnerabilities

deepHas is a software library developed by Paul Ryan. Version 1.0.7 of deepHas contains a security vulnerability, which stems from prototype pollution and could allow attackers to modify the behavior of global objects...

PT-2026-5362

Name of the Vulnerable Software and Affected Versions deephas version 1.0.7 deephas versions prior to 1.0.8 Description A prototype pollution issue exists in the deephas npm package. This allows an attacker to modify global object behavior by injecting properties into Object.prototype. The issue...

EUVD-2021-1972

Malware in sbrugna...

Prototype Pollution in deephas

Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution...

GHSA-4FR2-J4G9-MPPF Prototype Pollution in deephas

Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution...