Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
AV:N for network-deliverable input; AC:H because textformat extension must be in explicit use and downstream code must exhibit prototype-pollution-susceptible patterns; PR:N as no authentication is needed to submit crafted input; no availability impact from prototype pollution alone.
Primary rating from Vendor (GitHub_M).
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionNVD
protobufjs compiles protobuf definitions into JavaScript (JS) functions. From 8.2.0 until 8.6.5, the protobufjs Text Format extension parsed string-keyed map entries using ordinary property assignment, allowing a map entry with key __proto__ to change the prototype of the returned map object instead of creating an own map entry in protobufjs/ext/textformat. This issue is fixed in version 8.6.5.
AnalysisAI
Prototype pollution in protobuf.js versions 8.2.0 through 8.6.4 allows network-reachable attackers to corrupt JavaScript object prototype chains via the Text Format extension, by supplying a map entry whose key is the reserved JavaScript token __proto__, causing the parser to overwrite the prototype of the returned map object instead of creating a literal own-property entry. Exploitation is constrained by high attack complexity - only applications explicitly using the optional /ext/textformat module and parsing attacker-controlled input are affected - and real-world impact is limited to partial confidentiality and integrity effects in downstream code that inherits or enumerates poisoned prototype properties. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires all of the following conditions simultaneously: (1) the application must explicitly import and use the non-default `protobufjs/ext/textformat` module - the standard binary protobuf encoding path is not affected; (2) the application must pass attacker-controlled data as input to the text-format parser; (3) the protobuf schema used must define one or more map fields with string keys, enabling the `__proto__` key to be reached during parsing; and (4) downstream application code must act on the returned map object in a way that is sensitive to prototype chain modifications (e.g., iterating with `for...in`, checking for inherited properties, or passing the object to code that uses prototype-inherited values). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The provided CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N, score 4.8 Medium) is well-calibrated for this vulnerability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker sends a crafted HTTP request body containing a protobuf text-format payload with a map entry whose key is literally `__proto__` to a Node.js service that uses `protobufjs/ext/textformat` to parse incoming messages. The parser assigns the attacker-supplied value to `__proto__` on the returned map object, polluting the JavaScript object prototype chain for that object and any downstream code that inherits or enumerates its properties. … |
| Remediation | Vendor-released patch: 8.6.5 - upgrade the `protobufjs` npm package to version 8.6.5 or later, available at https://github.com/protobufjs/protobuf.js/releases/tag/protobufjs-v8.6.5. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Prototype Pollution
View allPrototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execu
Prototype pollution in the farinspace Partners WordPress plugin (versions up to and including 0.2.0) enables remote unau
Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code vi
A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper s
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitr
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Ser
alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/inde
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConf
A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 all
Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Rated critical severity (CVSS 9.8), this
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42311