Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Snyk
Snykadded 2026/05/06 5:34 p.m.2 views

Prototype Pollution

Overview next-intl is an Internationalization i18n for Next.js Affected versions of this package are vulnerable to Prototype Pollution in the setNestedProperty function when processing translation catalog keys containing reserved properties such as proto, constructor, or prototype. An attacker ca...

6.6CVSS6.3AI score
Exploits0References2
GithubExploit
GithubExploitadded 2026/03/20 6:54 p.m.180 views

Exploit for Missing Authorization in Scshr Hr_Portal

CVE-2025-48734: Apache Commons BeanUtils – enum declaredClass...

8.8CVSS7.8AI score0.00304EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2026/01/09 9:33 a.m.3 views

CVE-2024-39010

chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

9.8CVSS8.2AI score0.00442EPSS
Exploits1References1
RedHat Linux
RedHat Linuxadded 2025/06/16 3:3 p.m.3 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.00258EPSS
Exploits1References8
RedhatCVE
RedhatCVEadded 2025/05/23 9:18 a.m.0 views

CVE-2024-36577

apphp js-object-resolver 3.1.1 is vulnerable to Prototype Pollution via Module.setNestedProperty...

8.3CVSS7.1AI score0.00175EPSS
Exploits0References1
OSV
OSVadded 2025/04/04 5:15 a.m.0 views

CVE-2025-3197

Versions of the package expand-object from 0.0.0 are vulnerable to Prototype Pollution in the expand function in index.js. This function expands the given string into an object and allows a nested property to be set without checking the provided keys for sensitive properties like proto...

6.9CVSS5.7AI score0.00313EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/07/30 12:0 a.m.1 views

snapstate 安全漏洞

snapstate is a library by the individual developer Chase Moskal. A security vulnerability exists in snapstate version v0.0.9, which stems from the discovery of a contained prototype contamination via the attemptNestedProperty function. An attacker could exploit the vulnerability to execute...

9.8CVSS7.6AI score0.00442EPSS
Exploits1References2
OSV
OSVadded 2024/01/03 5:15 a.m.2 views

CVE-2023-46308

In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty...

9.8CVSS9.4AI score
Exploits0References3
Hacker One
Hacker Oneadded 2020/02/04 4:0 p.m.10 views

Node.js third-party modules: [nested-property] Prototype Pollution

Hi team, I would like to report a prototype pollution vulnerability in nested-property that allows an attacker to modify properties on Object.prototype. Module name:nested-property version: 1.0.4 npm page: https://www.npmjs.com/package/nested-property Module Description Read, write or test a data...

0.8AI score
Exploits0
Rows per page
Query Builder