Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1321 — Vulnerability Class 138

138 vulnerabilities classified as CWE-1321. AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-3982 nortikin Sverchok Set Property Mk2 Node getsetprop_mk2.py SvSetPropNodeMK2 prototype pollution — Sverchok 4.3 Medium2025-04-27
CVE-2024-12556 Kibana Prototype Pollution can lead to code injection — Kibana 8.7 High2025-04-08
CVE-2025-32014 estree-util-value-to-estree allows prototype pollution in generated ESTree — estree-util-value-to-estree 6.5AIMediumAI2025-04-07
CVE-2025-31475 tarteaucitron.js allows prototype pollution via custom text injection — tarteaucitron.js 5.5 Medium2025-04-07
CVE-2025-3197 expand-object 安全漏洞 — expand-object 7.3 High2025-04-04
CVE-2025-27597 Vue I18n Prototype Pollution in `handleFlatJson` — vue-i18n 9.8 -2025-03-07
CVE-2025-25015 Kibana arbitrary code execution via prototype pollution — Kibana 9.9 Critical2025-03-05
CVE-2024-11628 Prototype Pollution in Progress® Telerik® Kendo UI for Vue — Progress® Telerik® Kendo UI for Vue 4.1 Medium2025-02-12
CVE-2024-12629 Prototype Pollution in Progress® Telerik® KendoReact — Telerik KendoReact 4.1 Medium2025-02-12
CVE-2024-56059 WordPress Partners plugin <= 0.2.0 - PHP Object Injection vulnerability — Partners 9.8 Critical2024-12-18
CVE-2024-21548 Bun 安全漏洞 — bun 7.5 High2024-12-18
CVE-2024-54156 JetBrains YouTrack 安全漏洞 — YouTrack 4.2 Medium2024-12-04
CVE-2024-52810 Prototype Pollution in @intlify/shared >=9.7.0 <= 10.0.4 — vue-i18n 9.1 -2024-11-29
CVE-2023-0163 Prototype Pollution in convict — Convict 8.1AIHighAI2024-11-26
CVE-2024-52441 WordPress Quick Learn plugin <= 1.0.1 - PHP Object Injection vulnerability — Quick Learn 9.8 Critical2024-11-20
CVE-2024-48910 DOMPurify vulnerable to tampering by prototype polution — DOMPurify 9.1 Critical2024-10-31
CVE-2024-45277 Prototype Pollution vulnerability in SAP HANA Client — SAP HANA Client 4.3 Medium2024-10-08
CVE-2024-21489 uPlot 安全漏洞 — uplot 8.2 High2024-10-01
CVE-2024-45815 Prototype pollution in @backstage/plugin-catalog-backend — backstage 6.5 Medium2024-09-17
CVE-2024-21529 Lukeed dset 安全漏洞 — dset 8.2 High2024-09-11
CVE-2024-21528 node-gettext 安全漏洞 — node-gettext 5.9 Medium2024-09-10
CVE-2024-21512 MySQL2 安全漏洞 — mysql2 8.2 High2024-05-29
CVE-2024-34698 Prototype Pollution in getQueryParam Function (URL Query Parser) — freescout 4.6 Medium2024-05-13
CVE-2024-32866 Conform contains Prototype Pollution Vulnerability in `parseWith...` function — conform 8.6 High2024-04-23
CVE-2024-21509 MySQL2 安全漏洞 — mysql2 6.5 Medium2024-04-10
CVE-2024-21505 Web3.js 安全漏洞 — web3-utils 7.5 High2024-03-25
CVE-2024-2495 Cryptographic key in plain text vulnerability in FriendlyElec's FriendlyWrt — FriendlyWrt 5.2 Medium2024-03-15
CVE-2024-27307 JSONata expression can pollute the "Object" prototype — jsonata 9.8 Critical2024-03-06
CVE-2024-23339 hoolock does not block Prototype pollution with object-path related utilities — hoolock 6.3 Medium2024-01-22
CVE-2023-39296 QTS, QuTS hero — QTS 7.5 High2024-01-05

Vulnerabilities classified as CWE-1321 represent 138 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.