Prototype Pollution in Xdan Jodit

CVE-2026-54756

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.18, Jodit.configure(options) — and the internal ConfigMerge / ConfigProto helpers — merged user-supplied option…

Vulnerability class: Prototype Pollution

Affected products

Weakness classification (CWE)

References