CVE-2025-26278 | dref 0.1.2 lib.set prototype pollution

September 25, 2025 Yanac

A vulnerability was found in dref 0.1.2. It has been classified as problematic. This affects the function lib.set. This manipulation causes improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is registered as CVE-2025-26278. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More

CVE-2025-59830 | Rack up to 2.2.17 Configuration Rack::QueryParser resource consumption (GHSA-625h-95r8-8xpm)
CVE-2025-57317 | apidoc-core up to 0.15.0 preProcess prototype pollution