A vulnerability classified as problematic was found in antv layout 2.0.0. This impacts the function
setNestedValue in the library lib/util/object.js. Executing a manipulation of the argument path can lead to improperly controlled modification of object prototype attributes.
This vulnerability is tracked as CVE-2026-15598. The attack can be launched remotely. No exploit exists.
The project was informed of the problem early through an issue report but has not responded yet.