High severity7.5NVD Advisory· Published Sep 25, 2025· Updated Apr 15, 2026
CVE-2025-26278
CVE-2025-26278
Description
A prototype pollution in the lib.set function of dref v0.1.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
drefnpm | <= 0.1.2 | — |
Affected products
1Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.