Prototype Pollution Vulnerability in sagold json-schema-library
CVE-2026-16008
5.3MEDIUM
What is CVE-2026-16008?
A security vulnerability has been identified in the sagold json-schema-library versions 11.5.0 and 11.5.1. This vulnerability affects the parsePropertyDependencies function located in src/keywords/propertyDependencies.ts. It allows an attacker to remotely manipulate and control object prototype attributes, potentially leading to severe security implications. Users are strongly encouraged to upgrade to version 11.6.0, where this issue has been addressed, ensuring enhanced protection against this threat.
Affected Version(s)
json-schema-library 11.5.0
json-schema-library 11.5.1
json-schema-library 11.6.0
