CVE-2026-25047

Sažetak

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8.

Reference

https://github.com/sharpred/deepHas/commit/8097fafd3776c613d8066546653e0d2c7b5fc465
https://github.com/sharpred/deepHas/security/advisories/GHSA-2733-6c58-pf27

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

29-01-2026 - 22:15

Objavljeno

29-01-2026 - 22:15