Package impact
npm / protobufjs
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44294 | medium | 5.3 | 5.3 | 22d ago | protobuf.js: Denial of service from crafted field names in generated code | |||
| CVE-2026-44292 | medium | 5.3 | 5.3 | 22d ago | protobuf.js: Prototype injection in generated message constructors | |||
| CVE-2026-44288 | medium | 5.3 | 5.3 | 22d ago | protobufjs has overlong UTF-8 decoding |