Prototype Pollution in Xdan Jodit

CVE-2026-55886

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. Versions prior to 4.12.26 are vulnerable to Prototype Pollution through Jodit.modules.Helpers.set(chain, value, obj), which walks the dot…

Vulnerability class: Prototype Pollution

Affected products

Weakness classification (CWE)

References