protobufjs vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-54270Mediumprotobufjs: protobufjs: Memory amplification from preserved unknown fields in binary decodeCVE-2026-48712Highprotobufjs: protobufjs: Denial of service through unbounded Any expansion during JSON conversionCVE-2026-54269Mediumprotobufjs: protobufjs : Schema-derived names can shadow runtime-significant propertiesCVE-2026-45740Mediumprotobufjs: protobufjs: Denial of Service via unbounded recursive JSON descriptor expansionCVE-2026-44294Mediumprotobufjs: protobuf.js: Denial of service from crafted field names in generated codeCVE-2026-44293Highprotobufjs: protobuf.js: Code injection through bytes field defaults in generated toObject codeCVE-2026-44292Mediumprotobufjs: protobuf.js: Prototype injection in generated message constructorsCVE-2026-44291Highprotobufjs: protobuf.js: Code generation gadget after prototype pollutionCVE-2026-44290Highprotobufjs: protobuf.js: Process-wide denial of service through unsafe option pathsCVE-2026-44289Highprotobufjs: protobuf.js: Denial of service through unbounded protobuf recursionCVE-2026-44288Mediumprotobufjs: protobufjs has overlong UTF-8 decodingCVE-2026-41242Criticalprotobufjs: Arbitrary code execution in protobufjsCVE-2023-36665Criticalprotobufjs: protobufjs Prototype Pollution vulnerabilityCVE-2022-25878Highprotobufjs: Prototype Pollution in protobufjsCVE-2018-3738Mediumprotobufjs: Denial of Service in protobufjs

Stop the waste.
Protect your environment with Kodem.