15 matches found
CVE-2026-5758
A flaw was found in the protocol-buffers-schema JavaScript library. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into an object's core definition. This could enable an attacker to change how an application behaves, bypass security measures, o...
@amitojsingh366/keepkey-hardware-controller (=0.0.10), @apsiocoin/protobuf-serialization (=0.0.1-alpha1) +178 more potentially affected by CVE-2026-5758 via protocol-buffers-schema (>=3.1.0 <=3.6.0)
protocol-buffers-schema NPM version =3.1.0, =2.0.9, =2.0.7, =2.1.2, =0.0.25, =0.0.19, =2.0.12, =2.0.11, =0.0.12, =6.1.2, =0.18.4, =0.18.4, =1.16.11, =1.4.2, =2.14.3 and more Source cves: CVE-2026-5758 Source advisory: SNYK:JS-PROTOCOLBUFFERSSCHEMA-16420259...
com.graphhopper:graphhopper-web-bundle (>=3.0 <=client_hc_no_vehicle), org.webjars.npm:geobuf (=3.0.2) +19 more potentially affected by CVE-2026-5758 via org.webjars.npm:protocol-buffers-schema (=3.6.0)
org.webjars.npm:protocol-buffers-schema MAVEN version =3.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:protocol-buffers-schema and may be impacted: - com.graphhopper:graphhopper-web-bundle =3.0, =1.10.1, =3.0.0-pre.4, =4.0.3,...
Prototype Pollution
Overview protocol-buffers-schema is a No nonsense protocol buffers schema parser written in Javascript Affected versions of this package are vulnerable to Prototype Pollution via the parse function. An attacker can modify object prototypes, potentially altering application logic, bypassing securi...
Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
EUVD-2026-22993
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
@amitojsingh366/keepkey-hardware-controller (=0.0.10), @apsiocoin/protobuf-serialization (=0.0.1-alpha1) +202 more potentially affected by CVE-2026-5758 via protocol-buffers-schema (>=2.2.0 <=3.6.0)
protocol-buffers-schema NPM version =2.2.0, =2.0.9, =2.0.7, =2.1.2, =0.0.25, =0.0.19, =2.0.12, =2.0.11, =0.0.12, =6.1.2, =0.18.4, =0.18.4, =1.16.11, =1.4.2, =2.14.3 and more Source cves: CVE-2026-5758 Source advisory: OSV:GHSA-J452-XHG8-QG39...
GHSA-J452-XHG8-QG39 Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
Prototype Pollution
Overview org.webjars.npm:protocol-buffers-schema is a No nonsense protocol buffers schema parser written in Javascript Affected versions of this package are vulnerable to Prototype Pollution via the parse function. An attacker can modify object prototypes, potentially altering application logic,...
CVE-2026-5758
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
CVE-2026-5758 Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
CVE-2026-5758
CVE-2026-5758 is a prototype pollution vulnerability in Mafintosh's protocol-buffers-schema 3.6.0. IBM's security postings confirm the issue can allow an attacker to alter application logic, bypass security checks, cause a DoS, or achieve remote code execution. Affected product: IBM Maximo Applic...
CVE-2026-5758 Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
CVE-2026-5758
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
protocol-buffers-schema 安全漏洞
protocol-buffers-schema is a Protocol Buffers pattern parser written in JavaScript by Mathias Buus. Version 3.6.0 of protocol-buffers-schema contains a security vulnerability, which stems from JavaScript prototype pollution. This vulnerability could allow attackers to alter application logic,...