Description

A prototype pollution in the lib.set function of dref v0.1.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

INFO

Published Date :

2025-09-25T00:00:00.000Z

Last Modified :

2025-09-25T18:50:56.541Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-26278 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-26278.

URL Resource
https://gist.github.com/tariqhawis/ad92d5e683f3a5d83e0629955ff42ad7 cve-icon cve-icon
https://github.com/OrangeShieldInfos/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-26278 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact