CVE-2025-57353 | messageformat up to 3.0.0 Runtime prototype pollution (Issue 453)

A vulnerability described as problematic has been identified in messageformat up to 3.0.0. This affects an unknown part of the component Runtime Component. Such manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is listed as CVE-2025-57353. The attack must be carried out from within the local network. In addition, an exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More