CVE-2026-27837 | mickhansen dottie.js up to 2.0.6 set prototype pollution (GHSA-4gxf-g5gf-22h4)

Inserito da Angelo Barbosa | Feb 26, 2026 | CVE

A vulnerability was found in mickhansen dottie.js up to 2.0.6. It has been rated as critical. Impacted is the function Set. This manipulation causes improperly controlled modification of object prototype attributes.

This vulnerability is registered as CVE-2026-27837. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-27837 | mickhansen dottie.js up to 2.0.6 set prototype pollution (GHSA-4gxf-g5gf-22h4)

Post correlati

CVE-2024-47902 | Siemens InterMesh 7177 Hybrid 2.0 Subscriber prior 8.2.12 Web Server missing authentication (ssa-333468)

CVE-2025-22620 | GitoxideLabs gitoxide up to 0.16.x Executable File permissions

CVE-2024-12445 | RightMessage WP Plugin up to 0.9.7 on WordPress cross site scripting

CVE-2024-5528 | GitLab Community Edition/Enterprise Edition up to 16.11.5/17.0.3/17.1.1 incomplete comparison with missing factors (Issue 464558)