CVE-2026-5758

Published April 15th, 2026

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution.

mafintosh/protocol-buffers-schema

No nonsense protocol buffers schema parser written in Javascript

GitHub

123