Skip to main content

Style Dictionary

1 CVEs product

Monthly

CVE-2026-54639 HIGH PATCH This Week

{ output: 'object' })`, the Expand API, and the transform lifecycle, and is most dangerous when Style Dictionary runs inside a Node.js server that ingests untrusted tokens. No public exploit identified at time of analysis and CISA has not listed it in KEV.

Prototype Pollution Information Disclosure Style Dictionary
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
EPSS 0% CVSS 8.8
HIGH PATCH This Week

{ output: 'object' })`, the Expand API, and the transform lifecycle, and is most dangerous when Style Dictionary runs inside a Node.js server that ingests untrusted tokens. No public exploit identified at time of analysis and CISA has not listed it in KEV.

Prototype Pollution Information Disclosure Style Dictionary
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy