Lucene search
+L

98 matches found

RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.5 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.5AI score0.01535EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 12:13 a.m.6 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.5AI score0.01535EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:20 p.m.3 views

Security Bulletin: Vulnerability in Lodash affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Lodash has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

8.2CVSS6.5AI score0.01535EPSS
Exploits0Affected Software2
RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.9 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.3AI score0.01535EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:38 p.m.7 views

Security Bulletin: Langflow OSS affected by vulnerabilies in Lodash versions 4.17.23 and earlier

Summary Langflow OSS affected by vulnerabilies in Lodash versions 4.17.23 and earlier Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465:...

9.8CVSS5.9AI score0.02474EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/08 1:52 a.m.14 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.3AI score0.01535EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 4:24 a.m.23 views

Security Bulletin: Due to use of lodash-es-4.17.21.tgz, IBM Sterling Connect:Direct Web Services is vulnerable to prototype pollution in the _.unset and _.omit functions.

Summary lodash-es-4.17.21.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2025-13465, CVE-2026-2950. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can...

8.2CVSS5.8AI score0.01535EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/28 3:43 p.m.17 views

RLSA-2026:18868 Important: linux-sgx security update

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...

8.8CVSS5.8AI score0.01535EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:54 p.m.16 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.6AI score0.01535EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/19 9:16 a.m.15 views

lodash: prototype pollution in _.unset and _.omit functions

A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...

8.2CVSS6.6AI score0.01535EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 12:15 p.m.7 views

Security Bulletin: Lodash Prototype Pollution Bypass in _.unset and _.omit via Array Path Segments

Summary Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg only guards against string key members, so an attacker can bypass the check by...

8.2CVSS7.1AI score0.01535EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/21 5:31 p.m.2 views

lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass

A flaw was found in Lodash. An attacker can exploit a prototype pollution vulnerability in the .unset and .omit functions by bypassing a security check. This bypass is achieved by providing array-wrapped path segments, which allows for the deletion of properties from built-in JavaScript prototype...

6.5CVSS6.5AI score0.00317EPSS
Exploits0References5
Veracode
Veracode
added 2026/04/16 6:2 a.m.13 views

Prototype Pollution

Lodash is vulnerable to Prototype Pollution. The vulnerability is due to incomplete validation of path segments in .unset and .omit functions, which allows an attacker to bypass checks using array-wrapped inputs and delete properties from built-in prototypes...

6.5CVSS5.7AI score0.00317EPSS
Exploits0References1Affected Software4
RedHat Linux
RedHat Linux
added 2026/04/11 12:49 a.m.3 views

lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass

A flaw was found in Lodash. An attacker can exploit a prototype pollution vulnerability in the .unset and .omit functions by bypassing a security check. This bypass is achieved by providing array-wrapped path segments, which allows for the deletion of properties from built-in JavaScript prototype...

6.5CVSS6.5AI score0.00317EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/10 1:3 p.m.2 views

lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass

A flaw was found in Lodash. An attacker can exploit a prototype pollution vulnerability in the .unset and .omit functions by bypassing a security check. This bypass is achieved by providing array-wrapped path segments, which allows for the deletion of properties from built-in JavaScript prototype...

6.5CVSS6.5AI score0.00317EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-2950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465:...

8.2CVSS6.7AI score0.01535EPSS
Exploits0References3
OSV
OSV
added 2026/04/01 11:50 p.m.7 views

GHSA-F23M-R3PF-42RH lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`

Impact Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465 only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties fro...

6.5CVSS5.9AI score0.01535EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/01 11:50 p.m.5 views

EUVD-2026-17591

lodash vulnerable to Prototype Pollution via array path bypass in .unset and .omit...

6.5CVSS5.9AI score0.00317EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/01 11:50 p.m.45 views

lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`

Impact Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465 only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties fro...

6.5CVSS5.9AI score0.00317EPSS
Exploits0References4Affected Software4
Snyk
Snyk
added 2026/03/31 11:2 p.m.2 views

Prototype Pollution

Overview org.webjars.npm:lodash is a modern JavaScript utility library delivering modularity, performance, & extras. Affected versions of this package are vulnerable to Prototype Pollution via the .unset and .omit functions. An attacker can delete properties from built-in prototypes by supplying...

8.2CVSS7AI score0.01535EPSS
Exploits0References2
Rows per page
Query Builder