CVE-2026-16150 - RobinHerbots Inputmask Internal Deep Merge Helper extend.js extendAliases prototype pollution

CVE ID :CVE-2026-16150
Published : July 18, 2026, 7:15 p.m. | 1 hour, 5 minutes ago
Description :A vulnerability was found in RobinHerbots Inputmask up to 5.0.9. Affected by this issue is the function extendDefaults/extendDefinitions/extendAliases in the library lib/dependencyLibs/extend.js of the component Internal Deep Merge Helper. The manipulation results in improperly controlled modification of object prototype attributes. The attack may be performed from remote. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

from Latest Vulnerabilities https://ift.tt/HLSBZk7
via IFTTT

Maloy Roy Orko

I am Maloy Roy Orko. An aspiring security researcher. Learning New Fields and Strategies Since 2019. 💻

Post a Comment

Please Select Embedded Mode To Show The Comment System.*

Previous Post Next Post