CVE-2026-6594 | brikcss merge up to 1.3.0 __proto__/constructor.prototype/prototype prototype pollution

A vulnerability labeled as problematic has been found in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly controlled modification of object prototype attributes.

This vulnerability appears as CVE-2026-6594. The attack may be performed from remote. There is no available exploit.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More