Vulnerability in Mafintosh Protocol-buffers-schema Parser
CVE-2026-5758
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution.
EPSS: 0.001 (17.8th percentile) — read the EPSS interpretation.
Affected products
- Mafintosh Protocol-buffers-schema Parser — versions 3.6.0