CVE-2026-15195 | apidevtools json-schema-ref-parser up to 15.3.5 lib/pointer.ts Refs.set/Pointer.set prototype pollution (Issue 421)

SecurityVulns

A vulnerability was found in apidevtools json-schema-ref-parser up to 15.3.5 and classified as critical. This impacts the function Refs.set/Pointer.set in the library lib/pointer.ts. Executing a manipulation can lead to improperly controlled modification of object prototype attributes.

This vulnerability is tracked as CVE-2026-15195. The attack can be launched remotely. Moreover, an exploit is present.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More