Maker.Js

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-24888 MEDIUM POC PATCH This Month

Maker.js versions up to 0.19.1 improperly validate object properties in the `extendObject` function, allowing inherited and malicious properties to be copied to target objects without filtering. Applications using the library are vulnerable to property injection attacks, and public exploit code exists for this vulnerability. A patch is available in version 0.19.2.

Code Injection Maker.Js

NVD GitHub

CVSS 3.1

6.5

EPSS

0.6%

CVE-2026-24888

EPSS 1% CVSS 6.5

MEDIUM POC PATCH This Month

Maker.js versions up to 0.19.1 improperly validate object properties in the `extendObject` function, allowing inherited and malicious properties to be copied to target objects without filtering. Applications using the library are vulnerable to property injection attacks, and public exploit code exists for this vulnerability. A patch is available in version 0.19.2.

Code Injection Maker.Js

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy