CVE-2025-57349 | messageformat up to 2.3.0 prototype pollution (Issue 452)

A vulnerability was found in messageformat up to 2.3.0. It has been rated as critical. This affects an unknown function. Performing manipulation results in improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability was named CVE-2025-57349. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More