Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2025-57330 HIGH

Web3js Web3-core-subscriptions < 1.10.4 - Prototype Pollution

CVE-2025-57354 MEDIUM

NPM Counterpart - Prototype Pollution

CVE-2025-57353 MEDIUM

Messageformat Runtime < 3.0.2 - Prototype Pollution

CVE-2025-57352 MEDIUM

NPM Min-document < 2.19.1 - Prototype Pollution

CVE-2025-57350 HIGH

Keyangxiang Csvtojson < 2.0.10 - Prototype Pollution

CVE-2025-58280 HIGH

Huawei Harmonyos - Prototype Pollution

CVE-2025-57820 HIGH

NPM Devalue < 5.3.2 - Prototype Pollution

CVE-2025-55195 HIGH

@std/toml <1.0.9 - Prototype Pollution

CVE-2025-55164 HIGH

content-security-policy-parser <0.6.0 - Prototype Pollution

CVE-2025-54803 HIGH

Sunnyadn Js-toml < 1.0.2 - Prototype Pollution

CVE-2025-34146 HIGH

Nyariv Sandboxjs < 0.8.24 - Prototype Pollution

CVE-2025-8101 HIGH

NPM Linkifyjs < 4.3.2 - Prototype Pollution

CVE-2025-53626 MEDIUM

pdfme <5.4.0 - RCE

CVE-2025-49223 CRITICAL

Naver Billboard.js < 3.15.1 - Prototype Pollution

CVE-2025-48054 MEDIUM

NPM Radashi < 12.5.1 - Prototype Pollution

CVE-2025-5150 MEDIUM

Linuxfoundation Docarray < 0.40.1 - Code Injection

CVE-2025-26621 HIGH

Citeum Opencti < 6.5.2 - Code Injection

CVE-2025-25014 CRITICAL

Kibana - Code Injection

CVE-2025-3982 MEDIUM

nortikin Sverchok 1.3.0 - Prototype Pollution

CVE-2025-32014 MEDIUM

NPM Estree-util-value-to-estree < 3.3.3 - Prototype Pollution

CVE-2025-31475 MEDIUM

Amauri Tarteaucitronjs < 1.20.1 - Prototype Pollution

CVE-2025-3197 HIGH

NPM Expand-object - Prototype Pollution

CVE-2025-25977 CRITICAL

Canvg < 3.0.11 - Prototype Pollution

CVE-2025-27597 HIGH

Intlify Message-resolver < 9.1.11 - Prototype Pollution

CVE-2025-25015 CRITICAL

Kibana <8.17.1 - RCE

Previous Page 4 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy