Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-27837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype...

9.8CVSS7AI score0.01062EPSS
Exploits3References3
OSV
OSV
added 2026/02/26 1:16 a.m.5 views

UBUNTU-CVE-2026-27837

Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype pollution guard introduced in commit 7d3aee1 only validates the first segment of a dot-separated path, allowing an attacker to bypass the...

9.8CVSS5.7AI score0.00303EPSS
Exploits2References5
OSV
OSV
added 2026/02/26 12:19 a.m.6 views

CVE-2026-27837 Dottie vulnerable to prototype pollution bypass via non-first path segments in set() and transform()

Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype pollution guard introduced in commit 7d3aee1 only validates the first segment of a dot-separated path, allowing an attacker to bypass the...

6.3CVSS5.5AI score0.00303EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/02/26 12:19 a.m.4 views

CVE-2026-27837 Dottie vulnerable to prototype pollution bypass via non-first path segments in set() and transform()

Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype pollution guard introduced in commit 7d3aee1 only validates the first segment of a dot-separated path, allowing an attacker to bypass the...

6.3CVSS5.4AI score0.00303EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2026/02/26 12:19 a.m.5 views

CVE-2026-27837

Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype pollution guard introduced in commit 7d3aee1 only validates the first segment of a dot-separated path, allowing an attacker to bypass the...

9.8CVSS8.4AI score0.00303EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.5 views

CVE-2026-27837

Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype pollution guard introduced in commit 7d3aee1 only validates the first segment of a dot-separated path, allowing an attacker to bypass the...

9.8CVSS5.8AI score0.00303EPSS
Exploits2References4
Rows per page
Query Builder