LOW
feathersjs
CVE published 2026-07-17
CVE-2026-54335
CVE-2026-54335 is a prototype pollution vulnerability in Feathersjs framework versions 5.0.44 and earlier. The vulnerability allows an attacker to pollute the prototype for all plain objects in the process for the lifetime of the Node process. This can lead to security issues if not properly mitigated. Affected deployments should be identified and owners assigned for follow-up.