Fallos del tipo CWE-1321
304 resultadosCVE-2023-45282HIGHIn NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can occur via an import action.EPSS 0.9%CVE-2023-46308CRITICALIn Plotly plotly.js before 2.25.2, plot API calls have a risk of __proto__ being polluted in expandObjectPaths or nestedProperty.EPSS 0.9%CVE-2022-36059HIGHPrototype pollution in matrix-js-sdkEPSS 0.9%CVE-2020-36604HIGHhoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function.EPSS 0.9%CVE-2024-39008CRITICALrobinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep. This vulnerability allows attEPSS 0.9%CVE-2024-39011CRITICALPrototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and causeEPSS 0.9%CVE-2024-39010CRITICALchase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allEPSS 0.9%CVE-2026-28794CRITICALoRPC: Prototype Pollution in `@orpc/client` via `StandardRPCJsonSerializer` DeserializationEPSS 0.9%CVE-2022-36060HIGHPrototype pollution in matrix-react-sdkEPSS 0.9%CVE-2024-57708MEDIUMAn issue in OneTrust SDK v.6.33.0 allows a local attacker to cause a denial of service via the Object.setPrototypeOf, __proto__, and Object.EPSS 0.9%CVE-2022-25904HIGHPrototype PollutionEPSS 0.9%CVE-2026-24888MEDIUMMaker.js Vulnerable to Unsafe Property Copying in makerjs.extendObjectEPSS 0.9%CVE-2022-41878HIGHParse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code TriggersEPSS 0.9%CVE-2026-42231CRITICALn8n: Prototype Pollution in XML Webhook Body Parser Leads to RCEEPSS 0.9%CVE-2021-3815HIGHPrototype Pollution in fabiocaccamo/utils.jsEPSS 0.8%CVE-2024-39001MEDIUMag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component _ModuleSupport.jsonApply. This vulnerability alEPSS 0.8%CVE-2024-38991HIGHakbr patch-into v1.0.1 was discovered to contain a prototype pollution via the function patchInto. This vulnerability allows attackers to exEPSS 0.8%CVE-2024-38992HIGHairvertco frappejs v0.0.11 was discovered to contain a prototype pollution via the function registerView. This vulnerability allows attackerEPSS 0.8%CVE-2022-41879HIGHParse Server subject to Prototype pollution via Cloud Code WebhooksEPSS 0.8%CVE-2023-26158HIGHAll versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute EPSS 0.8%