Lucene search
K

6 matches found

CVE
CVE
added 2026/05/13 2:41 p.m.36 views

CVE-2026-44290

CVE-2026-44290 affects protobufjs, where certain schema option paths could traverse inherited properties during option processing, potentially corrupting process-wide built-in functionality. This vulnerability exists in versions prior to 7.5.6 and 8.0.2 and can enable a crafted protobuf schema or...

7.5CVSS5.8AI score0.00374EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 2:41 p.m.8 views

CVE-2026-44290 protobufjs: Process-wide denial of service through unsafe option paths

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...

7.5CVSS5.8AI score0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 2:41 p.m.57 views

CVE-2026-44290 protobufjs: Process-wide denial of service through unsafe option paths

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...

7.5CVSS0.00374EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/12 3:1 p.m.20 views

protobuf.js: Process-wide denial of service through unsafe option paths

Summary protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write to properties on global JavaScript constructors, corrupting process-wide built-in...

7.5CVSS6.2AI score0.00374EPSS
Exploits0References5Affected Software1
Patchstack
Patchstack
added 2026/05/12 3:1 p.m.9 views

NPM: protobuf.js: Process-wide denial of service through unsafe option paths

NPM: protobuf.js: Process-wide denial of service through unsafe option paths vulnerability discovered by ? in WordPress Npm protobufjs versions = 7.5.5...

7.5CVSS5.8AI score0.00374EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/12 3:1 p.m.12 views

GHSA-JVWF-75H9-CWGG protobuf.js: Process-wide denial of service through unsafe option paths

Summary protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write to properties on global JavaScript constructors, corrupting process-wide built-in...

7.5CVSS6.2AI score0.00374EPSS
Exploits0References5
Rows per page
Query Builder