PatchSiren

sagold CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW sagold CVE published 2026-07-17

CVE-2026-16008

CVE-2026-16008 is a security vulnerability detected in sagold json-schema-library versions 11.5.0 and 11.5.1. The vulnerability affects the parsePropertyDependencies function in the src/keywords/propertyDependencies.ts file. The manipulation leads to improperly controlled modification of object prototype attributes. The attack can be initiated remotely. Upgrading to version 11.6.0 will fix this issue. The [truncated]