2 matches found
EUVD-2026-41208
Craft CMS: Missing peer-permission check in AssetsController::actionDeleteFolder allows deletion of other users' assets...
nodejs-lodash: prototype pollution in zipObjectDeep function
A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability...