127 matches found

Positive Technologies
added 2025/10/23 12:0 a.m., 2 views

PT-2025-43560

Name of the Vulnerable Software and Affected Versions Rollbar.js versions prior to 2.26.5 Rollbar.js versions 3.0.0-alpha1 through 3.0.0-beta5 Description Rollbar.js provides error tracking and logging from Javascript to Rollbar. A prototype pollution issue exists in the merge function when...

CVSS 5.9 | AI score 6.8 | EPSS 0.00064
Exploits: 0 | References: 16

CNNVD
added 2025/10/23 12:0 a.m., 2 views

Rollbar.js security vulnerability

Rollbar.js is a bug tracking and logging library from Rollbar open source. A security vulnerability exists in Rollbar.js versions prior to 2.26.5 and versions prior to 3.0.0-alpha1 through 3.0.0-beta5, which stems from a prototype contamination in the merge function that could lead to malicious...

CVSS 5.9 | AI score 6.4 | EPSS 0.00064
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-2399

Malware in sbrugna...

CVSS 9.8 | AI score 9.1 | EPSS 0.00235
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-1256

Malware in sbrugna...

CVSS 9.8 | AI score 9.3 | EPSS 0.00391
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-0737

Malware in sbrugna...

CVSS 7.5 | AI score 6.9 | EPSS 0.00411
Exploits: 1 | References: 14

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-1982

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00263
Exploits: 1 | References: 5

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-2452

Malware in sbrugna...

CVSS 9.8 | AI score 9.4 | EPSS 0.0053
Exploits: 1 | References: 6

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-0813

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.4 | EPSS 0.01455
Exploits: 1 | References: 4

RedhatCVE
added 2025/09/29 4:38 p.m., 2 views

CVE-2025-3193

Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to Prototype Pollution in the merge function in merge.js, which allows constructor.prototype to be written even though doing so throws an error. In the "extreme edge-case" that the resulting error is...

CVSS 9.8 | AI score 6.7 | EPSS 0.00235
Exploits: 2 | References: 6

OSV
added 2025/09/27 6:30 a.m., 1 view

GHSA-529Q-4J3P-7C5R algoliasearch-helper is vulnerable to Prototype Pollution in _merge()

Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to Prototype Pollution in the merge function in merge.js, which allows constructor.prototype to be written even though doing so throws an error. In the "extreme edge-case" that the resulting error is...

CVSS 5.9 | AI score 7.2 | EPSS 0.00097
Exploits: 1 | References: 5

NVD
added 2025/09/27 5:15 a.m., 2 views

CVE-2025-3193

Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to Prototype Pollution in the merge function in merge.js, which allows constructor.prototype to be written even though doing so throws an error. In the "extreme edge-case" that the resulting error is...

CVSS 7.5 | EPSS 0.00097
Exploits: 1 | References: 3

Vulnrichment
added 2025/09/27 5:0 a.m., 2 views

CVE-2025-3193

Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to Prototype Pollution in the merge function in merge.js, which allows constructor.prototype to be written even though doing so throws an error. In the "extreme edge-case" that the resulting error is...

CVSS 7.5 | AI score 6.7 | EPSS 0.00097
Exploits: 1 | References: 3

CVE
added 2025/09/27 5:0 a.m., 13 views

CVE-2025-3193

The CVE-2025-3193 entry concerns algoliasearch-helper versions 2.0.0-rc1 through 3.11.2 (and earlier) with a Prototype Pollution in the _merge() function of merge.js. The underlying issue allows modification of constructor.prototype and, in an extreme edge-case where the resulting error is caught...

CVSS 7.5 | AI score 6.7 | EPSS 0.00097
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2025/09/27 5:0 a.m., 5 views

CVE-2025-3193

Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to Prototype Pollution in the merge function in merge.js, which allows constructor.prototype to be written even though doing so throws an error. In the "extreme edge-case" that the resulting error is...

CVSS 7.5 | EPSS 0.00097
Exploits: 1 | References: 3

CNNVD
added 2025/09/27 12:0 a.m., 2 views

algoliasearch-helper security vulnerability

algoliasearch-helper is an open source JavaScript module from Algolia that helps you keep track of search parameters and provides a higher level API. A security vulnerability exists in algoliasearch-helper version 2.0.0-rc1 through versions prior to 3.11.2, which stems from prototype contaminatio...

CVSS 7.5 | AI score 6.7 | EPSS 0.00097
Exploits: 1 | References: 3

RedhatCVE
added 2025/05/22 8:43 p.m., 2 views

CVE-2021-39227

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using merge and clone helper methods in the src/core/util.ts module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports...

CVSS 9.8 | AI score 7.2 | EPSS 0.00265
Exploits: 0 | References: 1

Snyk
added 2025/02/05 9:41 p.m., 0 views

Prototype Pollution

Overview org.webjars.npm:xe-utils is a JavaScript function library and utility collection. Affected versions of this package are vulnerable to Prototype Pollution through the merge function. Details Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into...

CVSS 7.5 | AI score 8 | EPSS 0.00195
Exploits: 0 | References: 2

CNNVD
added 2025/02/05 12:0 a.m., 1 view

xe-utils security vulnerability

xe-utils is an open source javascript library, toolkit from XE. A security vulnerability exists in xe-utils version v3.5.31, which stems from the lib.merge function containing a prototype contamination vulnerability...

CVSS 7.5 | AI score 6.6 | EPSS 0.00195
Exploits: 0 | References: 1

Snyk
added 2023/02/12 10:39 a.m., 2 views

Prototype Pollution

Overview algoliasearch-helper is a Helper for implementing advanced search features with algolia Affected versions of this package are vulnerable to Prototype Pollution in the merge function in merge.js, which allows constructor.prototype to be written even though doing so throws an error. In the...

CVSS 9.8 | AI score 8.9 | EPSS 0.00235
Exploits: 2 | References: 2

RedHat Linux
added 2023/01/25 12:30 p.m., 3 views

AngularJS: Prototype pollution in merge function could result in code injection

A prototype pollution vulnerability was found in AngularJS. A remote attacker could abuse this flaw by providing malicious input to the merge function by overriding or adding properties of the Object.prototype, allowing possible injection of code...

CVSS 7.5 | AI score 7.1 | EPSS 0.00411
Exploits: 1 | References: 5