CVE-2025-57326 | sassdoc-extras up to 2.5.1 byGroupAndType prototype pollution

September 24, 2025 Yanac

A vulnerability was found in sassdoc-extras up to 2.5.1. It has been declared as problematic. Affected is the function byGroupAndType. Executing manipulation can lead to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is handled as CVE-2025-57326. The attack can only be done within the local network. Additionally, an exploit exists.VulDB Recent EntriesRead More