Skip to main content

deepstream.io EUVDEUVD-2026-37943

| CVE-2026-49252 CRITICAL
Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) (CWE-1321)
2026-06-18 GitHub_M GHSA-9v98-6g37-x9g6
9.9
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
9.9 CRITICAL
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
vuln.today AI
9.9 CRITICAL

Network-reachable client protocol (AV:N), trivial crafted path (AC:L), needs an authenticated writer (PR:L), no UI; prototype pollution leaves the record subsystem and taints the permission valve, so S:C with high C/I and low A.

3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
Low

Lifecycle Timeline

3
Patch available
Jun 18, 2026 - 22:16 EUVD
Source Code Evidence Fetched
Jun 18, 2026 - 20:47 vuln.today
Analysis Generated
Jun 18, 2026 - 20:47 vuln.today

DescriptionCVE.org

deepstream is a server that allows clients and backend services to sync data, send messages and make rpcs at scale. Versions prior to 10.0.5 are vulnerable to Prototype Pollution. Exploitation can lead to potential privilege escalation from any authenticated user with write permission to any record. This issue has been fixed in version 10.0.5.

AnalysisAI

Prototype pollution in deepstream.io versions prior to 10.0.5 allows an authenticated client with write permission to any record to corrupt the Node.js Object prototype by submitting record-update messages whose path contains tokens such as __proto__, constructor, or prototype. Because deepstream's permission valve and record-transition pipeline both invoke setValue with the attacker-controlled path, polluting the prototype can taint subsequent permission and transition logic and lead to privilege escalation across all connected clients. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as low-privilege client
Delivery
Identify any writable record
Exploit
Send record update with path '__proto__.isAdmin'
Execution
Pollute Object.prototype in server process
Persist
Valve permission checks inherit attacker-controlled property
Impact
Escalate privileges across all records

Vulnerability AssessmentAI

Exploitation Requires an authenticated deepstream.io client session (PR:L in the vendor vector) that holds write permission to at least one record under the server's Valve permission rules, network reachability to the deepstream server's client port, and a server running a version prior to 10.0.5 with the default json-path utility - no user interaction, no admin role, and no non-default feature flag is needed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Vendor CVSS 3.1 of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L) reflects a network-reachable, low-complexity attack from any authenticated record-writer, with scope change because polluting Object.prototype reaches code outside the record subsystem (notably the permission valve seen in the diff) - a credible justification for S:C rather than CVSS inflation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker logs in as a normal deepstream client with write access to even one record (the default for many collaborative-app deployments) and sends a record-update message such as record set with path '__proto__.isAdmin' and value true. The unsafe setValue walks through Object.prototype, so every subsequent object - including data evaluated by the Valve permission engine on later requests - inherits isAdmin=true, allowing the attacker to bypass per-record access controls and escalate privileges across the entire deepstream cluster until the process is restarted.
Remediation Vendor-released patch: deepstream.io 10.0.5 - upgrade the server package to 10.0.5 or later per GHSA-9v98-6g37-x9g6 (https://github.com/deepstreamIO/deepstream.io/security/advisories/GHSA-9v98-6g37-x9g6) and commit 54b8e2958a98df444b5b5d9a66e22872afd84e44, which introduces isValidPath rejecting __proto__/constructor/prototype tokens and wraps the permission-valve setValue in try/catch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all deepstream.io deployments and their exact version numbers; document which users hold write permissions to deepstream records. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-34621 HIGH POC
8.6 Apr 11

Prototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execu

CVE-2024-56059 CRITICAL
9.8 Dec 18

Prototype pollution in the farinspace Partners WordPress plugin (versions up to and including 0.2.0) enables remote unau

CVE-2020-28271 CRITICAL POC
9.8 Nov 12

Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service

CVE-2023-38894 CRITICAL POC
9.8 Aug 16

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code vi

CVE-2024-24292 CRITICAL POC
9.8 Mar 28

A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function

CVE-2023-26121 CRITICAL POC
10.0 Apr 11

All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper s

CVE-2021-23449 CRITICAL POC
10.0 Oct 18

This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitr

CVE-2024-39011 CRITICAL POC
9.8 Jul 30

Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Ser

CVE-2024-38988 CRITICAL POC
9.8 Mar 28

alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/inde

CVE-2025-57347 CRITICAL POC
9.8 Sep 24

A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConf

CVE-2025-57321 CRITICAL POC
9.8 Sep 24

A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 all

CVE-2024-45435 CRITICAL POC
9.8 Aug 29

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Rated critical severity (CVSS 9.8), this

Share

EUVD-2026-37943 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy