Prototype Pollution
@feathersjs/commons is vulnerable to Prototype Pollution. The vulnerability is due to unsafe recursive merging of attacker-controlled objects containing proto, constructor, or prototype properties, which allows an attacker to pollute the global object prototype when untrusted JSON input is passed...