Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2026-4239 LOW

Lagom WHMCS Template Datatables prototype pollution

CVE-2026-32621 CRITICAL

Apollo Federation has prototype pollution via incomplete key sanitization

CVE-2026-30226 HIGH

Svelte devalue <=5.6.3 - Deserialization

CVE-2026-30939 HIGH

Parse Server <8.6.13/9.5.1-alpha.2 - DoS

CVE-2026-29063 CRITICAL

Immutable.js <3.8.3/4.3.7/5.1.5 - Prototype Pollution

CVE-2026-28794 CRITICAL

@orpc/client <1.13.6 - Deserialization

CVE-2026-30785 MEDIUM

RustDesk Client - Info Disclosure

CVE-2026-27837 MEDIUM

Dottie 2.0.4-2.0.6 - Prototype Pollution

CVE-2026-2964 MEDIUM

higuma web-audio-recorder-js 0.1/0.1.1 - Prototype Pollution

CVE-2026-27212 HIGH

Swiper 6.5.1-12.1.1 - Prototype Pollution

CVE-2026-26021 CRITICAL

Set-in < 2.0.5 - Prototype Pollution

CVE-2026-25881 CRITICAL

Nyariv Sandboxjs < 0.8.31 - Prototype Pollution

CVE-2026-25754 HIGH

Adonisjs Bodyparser < 10.1.3 - Prototype Pollution

CVE-2026-25521 HIGH

NPM Locutus < 2.0.39 - Prototype Pollution

CVE-2026-25150 CRITICAL

Qwik < 1.19.0 - Prototype Pollution

CVE-2026-25142 CRITICAL

Nyariv Sandboxjs < 0.8.27 - Code Injection

CVE-2026-25047 HIGH

NPM Deephas < 1.0.8 - Prototype Pollution

CVE-2026-24888 MEDIUM

Microsoft Maker.js < 0.19.1 - Prototype Pollution

CVE-2026-24766 MEDIUM

Nocodb < 0.301.0 - Prototype Pollution

CVE-2026-23736 HIGH

seroval <1.4.1 - Prototype Pollution

CVE-2026-21854 CRITICAL

Tarkov Data Manager < 2025-01-02 - Authentication Bypass

CVE-2025-70956 HIGH

TON TVM <2025.04 - Info Disclosure

CVE-2025-61140 CRITICAL

jsonpath 1.1.1 - Info Disclosure

CVE-2025-13465 MEDIUM

NPM Lodash < 4.17.23 - Prototype Pollution

CVE-2025-13158 CRITICAL

NPM Apidoc-core - Prototype Pollution

Previous Page 2 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy