CVE-2026-34221 | mikro-orm MikroORM up to 6.6.9/7.0.5 Javascript Object prototype pollution

Inserito da Angelo Barbosa | Mar 31, 2026 | CVE

A vulnerability classified as critical has been found in mikro-orm MikroORM up to 6.6.9/7.0.5. The affected element is an unknown function of the component Javascript Object Handler. The manipulation leads to improperly controlled modification of object prototype attributes.

This vulnerability is uniquely identified as CVE-2026-34221. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-34221 | mikro-orm MikroORM up to 6.6.9/7.0.5 Javascript Object prototype pollution

Post correlati

CVE-2025-58134 | Zoom Workplace Desktop up to 6.4.x on Windows improper authorization

CVE-2026-34041 | nektos act prior 0.2.86 set-env/add-path injection

CVE-2023-50739 | Lexmark CX331adwe IPP Server heap-based overflow

CVE-2024-24564 | Vyper up to 0.3.10 extract32 start out-of-bounds (GHSA-4hwq-4cpm-8vmx)