Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (snyk) · only source for this CVE.
CVSS VectorVendor: snyk
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform prototype pollution by supplying crafted delta or JSON Patch documents, as attacker-controlled property names and path segments are used to traverse and modify objects without restricting access to special properties like __proto__ or constructor.prototype, allowing modification of Object.prototype.
AnalysisAI
Prototype pollution in the jsondiffpatch JavaScript library before 0.7.6 allows attackers to modify Object.prototype by supplying crafted delta documents to jsondiffpatch.patch() or JSON Patch documents to the jsonpatch formatter's patch() API. Because attacker-controlled key names and JSON Pointer path segments were used to traverse and mutate objects without filtering __proto__, constructor, or prototype, any application that feeds untrusted diffs into the library can have global object behavior tampered with. A public POC exists in the Snyk advisory and an accompanying gist, but there is no public exploit identified at time of analysis (not on CISA KEV).
Technical ContextAI
jsondiffpatch is a widely used Node.js/browser library (npm package 'jsondiffpatch') for computing and applying JSON deltas, including an RFC 6902 JSON Patch formatter. The vulnerability is CWE-1321 (Improperly Controlled Modification of Object Prototype Attributes, 'Prototype Pollution'). Two code paths are at fault: packages/jsondiffpatch/src/filters/nested.ts, where the patch/reverse filters iterated delta keys and indexed into context.left[name] without rejecting __proto__ or restricting traversal to own properties (so a delta key chain like constructor.prototype walked through the inherited constructor into Object.prototype); and packages/jsondiffpatch/src/formatters/jsonpatch-apply.ts, where parsePathFromRFC6902 split a JSON Pointer string into segments that were used unchecked as property accessors. The fix introduces an UNSAFE_KEYS set ({__proto__, constructor, prototype} for JSON Patch paths, {__proto__} for delta filters combined with hasOwnProperty guards on left) so unsafe segments are skipped or rejected. The single affected CPE is cpe:2.3:a:n/a:jsondiffpatch:*:*:*:*:*:*:*:* covering versions 0 < 0.7.6.
RemediationAI
Upgrade the jsondiffpatch dependency to 0.7.6 or later (vendor-released patch: 0.7.6), which adds an UNSAFE_KEYS filter and an own-property guard in packages/jsondiffpatch/src/filters/nested.ts and rejects __proto__, constructor, and prototype segments in packages/jsondiffpatch/src/formatters/jsonpatch-apply.ts (see https://github.com/benjamine/jsondiffpatch/commit/381c0125efab49f6f0dbc08317d01d55717672af and https://security.snyk.io/vuln/SNYK-JS-JSONDIFFPATCH-16322990). If immediate upgrade is not possible, do not pass untrusted delta or JSON Patch documents into jsondiffpatch.patch() or jsondiffpatch/formatters/jsonpatch.patch(); pre-validate inputs by recursively rejecting any object key or JSON Pointer segment equal to __proto__, constructor, or prototype before applying, accepting that this validation must mirror the library's traversal exactly or risk bypass. As broader hardening, run Node with --disable-proto=delete (which removes the __proto__ accessor entirely and may break libraries that rely on it) or freeze Object.prototype at process startup with Object.freeze(Object.prototype) (which can break code that intentionally augments built-in prototypes); both are application-wide changes and should be tested before rollout.
More in Prototype Pollution
View allPrototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execu
Prototype pollution in the farinspace Partners WordPress plugin (versions up to and including 0.2.0) enables remote unau
Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code vi
A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper s
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitr
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Ser
alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/inde
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConf
A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 all
Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Rated critical severity (CVSS 9.8), this
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30670
GHSA-j4fx-xxwh-2485