CVE-2026-33672 | micromatch picomatch up to 2.3.1/3.0.1/4.0.3 POSIX character prototype pollution

A vulnerability categorized as critical has been discovered in micromatch picomatch up to 2.3.1/3.0.1/4.0.3. Affected by this vulnerability is the function character of the component POSIX Handler. The manipulation results in improperly controlled modification of object prototype attributes.

This vulnerability is known as CVE-2026-33672. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More