📦

protobufjs

Vendor: protobufjs_project

Actively Exploited 0 CISA KEV List

PoC / Exploits 4 Code Available

Total RCEs 3 Remote Access

Total CVEs 12 Total Indexed

Avg. EPSS 0.61% Exploit Prob.

Latest CVE CVE-2026-45740 May 13

Security Vulnerability Index

Page 2 / 2

8.2 CVSS

CVE-2022-25878

The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways: 1. by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption functions 2. by parsing/loading .proto files

EPSS: 2.07%

Severity: HIGH

May 27, 2022

5.5 CVSS

CVE-2018-3738

protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto files.

EPSS: 0.96%

Severity: MEDIUM

Jun 07, 2018

Displaying 2 of 12 Total Entries

1 2

Total 2 Sections