CVE-2026-33993 | locutusjs locutus up to 3.0.24 unserialize prototype pollution

A vulnerability marked as problematic has been reported in locutusjs locutus up to 3.0.24. Affected by this vulnerability is the function unserialize. Performing a manipulation results in improperly controlled modification of object prototype attributes.

This vulnerability is reported as CVE-2026-33993. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More