Skip to main content

AdonisJS bodyparser CVE-2026-48795

HIGH
Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) (CWE-1321)
2026-06-30 https://github.com/adonisjs/core GHSA-qcm7-3vpr-hj5h
8.6
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
vuln.today AI
9.4 CRITICAL

Unauthenticated single request against default config gives AV:N/AC:L/PR:N/UI:N; process-wide prototype pollution is primarily integrity (I:H) with DoS potential (A:H) and limited confidentiality (C:L).

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jun 30, 2026 - 19:20 vuln.today
CVE Published
Jun 30, 2026 - 18:34 github-advisory
HIGH 8.6

DescriptionGitHub Advisory

Summary

The fix for GHSA-f5x2-vj4h-vg4c / CVE-2026-25754 introduced in commit 40e1c71 is incomplete and can be bypassed through nested prototype pollution payloads.

The original patch replaced the internal FormFields storage object with Object.create(null), preventing direct payloads such as __proto__.polluted. However, payloads containing a non-dangerous segment before __proto__ or constructor.prototype, such as user.__proto__.polluted, still lead to Object.prototype pollution.

This issue is exploitable remotely through a single unauthenticated multipart/form-data request using the default configuration.

Affected versions

  • >= 10.1.3 < 10.1.5
  • >= 11.0.0-next.9 < 11.0.3

Details

The regression tests added by the original fix only covered direct payloads such as:

  • __proto__.polluted
  • constructor.prototype.polluted

These payloads are blocked because the root object no longer inherits from Object.prototype.

However, lodash _.set() (via @poppinss/utils) still creates intermediate objects using plain {} values. Once a normal segment is encountered, subsequent __proto__ or constructor.prototype segments regain access to Object.prototype.

Impact

An unauthenticated attacker can remotely pollute Object.prototype on any route accepting multipart/form-data requests behind BodyParserMiddleware.

Because the pollution is process-wide, the impact may include authorization bypasses, unexpected behavior in downstream libraries, or prototype pollution gadget chains leading to remote code execution.

Patches

Fixes targeting v6 and v7 have been published below.

Users should upgrade to a version that includes the following fix:

  • https://github.com/adonisjs/bodyparser/releases/tag/v10.1.5
  • https://github.com/adonisjs/bodyparser/releases/tag/v11.0.3

References

AnalysisAI

{} literals. No public exploit identified at time of analysis, but the high CVSS (8.6) and trivial exploitation make this a priority for affected deployments.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Identify route accepting multipart/form-data
Delivery
Send crafted nested field (user.__proto__.polluted)
Exploit
lodash _.set creates plain intermediate object
Install
Trailing __proto__ writes Object.prototype
C2
Process-wide pollution affects all objects
Execute
Bypass authorization or trigger gadget
Impact
Logic corruption, DoS, or RCE

Vulnerability AssessmentAI

Exploitation Exploitation requires only that the target AdonisJS application route the request through BodyParserMiddleware and accept multipart/form-data - both true in the default configuration - and that the running @adonisjs/bodyparser version falls in 10.1.3-10.1.4 or 11.0.0-next.9-11.0.2. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H = 8.6 High) aligns well with the description: network-reachable, low complexity, no privileges, no user interaction, against the default configuration. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker sends a single unauthenticated multipart/form-data POST to any endpoint behind BodyParserMiddleware, supplying a field name like user[__proto__][polluted]=yes (or user.__proto__.polluted). The lodash _.set() path-builder creates a plain intermediate object for 'user', and the trailing __proto__ segment writes 'polluted' onto the shared Object.prototype for the whole Node.js process. …
Remediation Vendor-released patch: upgrade @adonisjs/bodyparser to 10.1.5 (https://github.com/adonisjs/bodyparser/releases/tag/v10.1.5) or 11.0.3 (https://github.com/adonisjs/bodyparser/releases/tag/v11.0.3), per the vendor advisory GHSA-qcm7-3vpr-hj5h. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-34621 HIGH POC
8.6 Apr 11

Prototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execu

CVE-2024-56059 CRITICAL
9.8 Dec 18

Prototype pollution in the farinspace Partners WordPress plugin (versions up to and including 0.2.0) enables remote unau

CVE-2020-28271 CRITICAL POC
9.8 Nov 12

Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service

CVE-2023-38894 CRITICAL POC
9.8 Aug 16

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code vi

CVE-2024-24292 CRITICAL POC
9.8 Mar 28

A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function

CVE-2023-26121 CRITICAL POC
10.0 Apr 11

All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper s

CVE-2021-23449 CRITICAL POC
10.0 Oct 18

This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitr

CVE-2024-39011 CRITICAL POC
9.8 Jul 30

Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Ser

CVE-2024-38988 CRITICAL POC
9.8 Mar 28

alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/inde

CVE-2025-57347 CRITICAL POC
9.8 Sep 24

A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConf

CVE-2025-57321 CRITICAL POC
9.8 Sep 24

A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 all

CVE-2024-45435 CRITICAL POC
9.8 Aug 29

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Rated critical severity (CVSS 9.8), this

Share

CVE-2026-48795 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy