CVE-2026-54335
LOW SEVERITYCVSS Score & Metrics
Base Score
3.7 / 10
Vulnerability Description
Prototype pollution in @feathersjs/commons _.merge via JSON-parsed __proto__
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
@feathersjs/commons
External References
- https://github.com/feathersjs/feathers/security/advisories/GHSA-28xv-ph75-77wh
- https://github.com/feathersjs/feathers/pull/3690
- https://github.com/feathersjs/feathers/commit/28b3c03c63bdbff53115fdaa46c56980e7942acc
- https://github.com/feathersjs/feathers/releases/tag/v5.0.45
- https://github.com/advisories/GHSA-28xv-ph75-77wh
Discussion (0)
Add Comment
No comments yet. Be the first!