Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Blast Radius
ecosystem impact- 1 npm packages depend on @mikro-orm/core (1 direct, 0 indirect)
Ecosystem-wide dependent count for version 7.0.0-dev.0.
DescriptionGitHub Advisory
A prototype pollution vulnerability exists in the Utils.merge helper used internally by MikroORM when merging object structures.
The function did not prevent special keys such as __proto__, constructor, or prototype, allowing attacker-controlled input to modify the JavaScript object prototype when merged.
Exploitation requires application code to pass untrusted user input into ORM operations that merge object structures, such as entity property assignment or query condition construction.
Prototype pollution may lead to denial of service or unexpected application behavior. In certain scenarios, polluted properties may influence query construction and potentially result in SQL injection depending on application code.
AnalysisAI
Prototype pollution in MikroORM's Utils.merge function allows attackers to modify JavaScript object prototypes when applications pass untrusted user input into ORM operations. Affects @mikro-orm/core npm package, enabling denial of service and potentially SQL injection when polluted properties influence query construction. No public exploit identified at time of analysis, though GitHub security advisory published by the project maintainers confirms the vulnerability class (CWE-1321).
Technical ContextAI
MikroORM is a TypeScript ORM for Node.js supporting multiple SQL databases. The vulnerability resides in the internal Utils.merge helper function, which performs deep object merging for entity property assignment and query condition construction. The function lacks proper filtering of dangerous JavaScript special keys (__proto__, constructor, prototype), implementing the classic prototype pollution pattern (CWE-1321). When untrusted input flows through ORM operations like entity updates or query builders, attackers can inject these special keys to modify the base Object prototype chain. The affected package is pkg:npm/@mikro-orm_core, indicating the core ORM package distributed via npm. Prototype pollution in JavaScript allows modification of properties inherited by all objects in the runtime, creating a cross-cutting attack surface that transcends normal application boundaries.
RemediationAI
Consult the official GitHub security advisory at https://github.com/mikro-orm/mikro-orm/security/advisories/GHSA-qpfv-44f3-qqx6 for vendor-confirmed patch versions and upgrade guidance. Upstream fix available through the project's GitHub repository, though released patched version number not independently confirmed from provided data. Primary remediation requires upgrading @mikro-orm/core to the patched release specified in the advisory. As an immediate workaround, implement input validation and sanitization before passing user-controlled data to ORM operations, specifically filtering or rejecting objects containing __proto__, constructor, or prototype keys. Use Object.create(null) for user-input objects to prevent prototype chain inheritance, or employ libraries like lodash's merge with prototype pollution protections. Review application code for patterns that dynamically assign user input to entity properties or query conditions without schema validation. The GitHub advisory at https://github.com/advisories/GHSA-qpfv-44f3-qqx6 may contain additional mitigation guidance.
More in Prototype Pollution
View allPrototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execu
Prototype pollution in the farinspace Partners WordPress plugin (versions up to and including 0.2.0) enables remote unau
Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code vi
A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper s
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitr
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Ser
alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/inde
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConf
A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 all
Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Rated critical severity (CVSS 9.8), this
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17488
GHSA-qpfv-44f3-qqx6