CVE-2025-26278 | dref 0.1.2 lib.set prototype pollution

Inserito da Angelo Barbosa | Set 25, 2025 | CVE

A vulnerability was found in dref 0.1.2. It has been classified as problematic. This affects the function lib.set. This manipulation causes improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is registered as CVE-2025-26278. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2025-26278 | dref 0.1.2 lib.set prototype pollution

Post correlati

CVE-2024-11922 | Fortra GoAnywhere MFT up to 7.7.1 Email cross site scripting

CVE-2024-37278 | Pratik Chaskar Cards for Beaver Builder Plugin up to 1.1.4 on WordPress cross site scripting

CVE-2025-45768 | jpadilla pyjwt 2.10.1 inadequate encryption

CVE-2025-25101 | MetricThemes Munk Sites Plugin up to 1.0.7 on WordPress cross-site request forgery