CVE-2026-33994 | locutusjs locutus up to 3.0.24 Query prototype pollution

Inserito da Angelo Barbosa | Mar 27, 2026 | CVE

A vulnerability was found in locutusjs locutus up to 3.0.24. It has been classified as problematic. This affects an unknown function of the component Query Handler. The manipulation leads to improperly controlled modification of object prototype attributes.

This vulnerability is referenced as CVE-2026-33994. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.

CVE-2026-33994 | locutusjs locutus up to 3.0.24 Query prototype pollution

Post correlati

CVE-2023-49783 | SilverStripe Admin up to 1.13.18/2.1.7 getCheckPermissions authorization

CVE-2023-53767 | Linux Kernel up to 6.3.3 wifi ath12k_qmi_driver_event_work memory leak

CVE-2025-37109 | HPE Telco Service Activator up to 10.3.1 cross site scripting

CVE-2020-26071 | Cisco Catalyst SD-WAN Manager CLI path traversal (cisco-sa-vsoln-arbfile-gtsEYxns)