CVE-2026-5758

Summary

JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution.

Affected Software

VendorProductVersion RangeStatus
MafintoshProtocol-buffers-schema parser3.6.0 < 3.6.1affected

Weaknesses

  • CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References