Product

@Nevware21/Ts-Utils

1 brief RSS

Prototype Pollution Vulnerability in @nevware21/ts-utils Library (CVE-2026-46681)

The `_copyProps` function in the `@nevware21/ts-utils` library is vulnerable to prototype pollution due to the use of `for...in` without proper `hasOwnProperty` checks, allowing attackers to modify object prototypes by injecting properties like `__proto__`.

@nevware21/ts-utils prototype-pollution javascript vulnerability cve-2026-46681

2r 2t 59m ago