Falhas do tipo CWE-1321
304 resultadosCVE-2026-8161HIGHmultiparty vulnerable to Denial of Service via Prototype Pollution leading to Uncaught ExceptionEPSS 0.5%CVE-2025-66456CRITICALElysia vulnerable to prototype pollution with multiple standalone schema validationEPSS 0.5%CVE-2024-38997MEDIUMadolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. This vulnerability allows aEPSS 0.5%CVE-2026-26021CRITICALPrototype pollution in set-inEPSS 0.5%CVE-2024-34698MEDIUMPrototype Pollution in getQueryParam Function (URL Query Parser)EPSS 0.5%CVE-2025-70956HIGHA State Pollution vulnerability was discovered in the TON Virtual Machine (TVM) before v2025.04. The issue exists in the RUNVM instruction lEPSS 0.5%CVE-2024-57077CRITICALThe latest version of utils-extend (1.0.8) is vulnerable to Prototype Pollution through the entry function(s) lib.extend. An attacker can suEPSS 0.5%CVE-2025-57354MEDIUMA vulnerability exists in the 'counterpart' library for Node.js and the browser due to insufficient sanitization of user-controlled input inEPSS 0.5%CVE-2024-57063HIGHA prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service (DoS) via supplying a cEPSS 0.5%CVE-2024-57066HIGHA prototype pollution in the lib.deep function of @ndhoule/defaults v2.0.1 allows attackers to cause a Denial of Service (DoS) via supplyingEPSS 0.4%CVE-2025-13158CRITICALapidoc-core - prototype pollution in api_group.js, api_param_title.js, api_use.js, and api_permission.js workerEPSS 0.4%CVE-2026-32701HIGHQwik has array method pollution in FormData processing, allowing type confusion and DoSEPSS 0.4%CVE-2021-4278MEDIUMcronvel tree-kit prototype pollutionEPSS 0.4%CVE-2024-36577HIGHapphp js-object-resolver < 3.1.1 is vulnerable to Prototype Pollution via Module.setNestedProperty.EPSS 0.4%CVE-2024-36574MEDIUMA Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON (flatten-jsoEPSS 0.4%CVE-2026-34622HIGHAcrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)EPSS 0.4%CVE-2026-48714CRITICALi18next-http-middleware missingKeyHandler does not reject keys whose segments contain prototype-polluting namesEPSS 0.4%CVE-2024-39018MEDIUMharvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows EPSS 0.4%CVE-2026-48713CRITICALi18next-fs-backend: Prototype pollution via crafted missing-key stringEPSS 0.4%CVE-2025-63703CRITICALnpm package parse-ini v1.0.6 is vulnerable to Prototype Pollution in index.js().EPSS 0.4%