CVE-2025-57349
Description
The messageformat package, an implementation of the Unicode MessageFormat 2 specification for JavaScript, is vulnerable to prototype pollution due to improper handling of message key paths in versions prior to 2.3.0. The flaw arises when processing nested message keys containing special characters (e.g., __proto__), which can lead to unintended modification of the JavaScript Object prototype. This vulnerability may allow a remote attacker to inject properties into the global object prototype via specially crafted message input, potentially causing denial of service or other undefined behaviors in applications using the affected component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Prototype pollution in messageformat < 2.3.0 allows remote attackers to inject properties into the global Object prototype via crafted message key paths, risking denial of service.
Vulnerability Overview
The messageformat package, a JavaScript implementation of the Unicode MessageFormat 2 specification, is vulnerable to prototype pollution in versions prior to 2.3.0. The flaw originates from improper handling of nested message key paths that contain special characters like __proto__. This allows an attacker to modify the global JavaScript Object prototype when the library processes specially crafted message input [1][3].
Exploitation and Attack Surface
An attacker can exploit this vulnerability by supplying untrusted message definitions that include nested key paths referencing __proto__. No authentication is required if the application processes user-supplied message inputs. The attack surface includes any application using a vulnerable version of messageformat that handles external message data [1][3].
Impact
Successful exploitation enables property injection into the global Object prototype, which can alter the behavior of all objects in the runtime environment. This may lead to denial of service via application crashes, undefined behavior, or arbitrary property modifications that affect downstream logic [1][3].
Mitigation Status
The issue is fixed in version 2.3.0 and later releases. Users should upgrade to the latest version immediately. No workarounds are documented other than updating the package and avoiding processing untrusted message key inputs on vulnerable versions [2][3].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
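As an added illustration of the mitigation described above (not messageformat's own code; the function and variable names are assumed), this loader builds a message tree from dotted key paths, refuses any segment that would walk onto the prototype chain, stores the tree on a null-prototype object, and provides a canary check a test suite can run to confirm that processing untrusted input left Object.prototype untouched:

```javascript
const FORBIDDEN_SEGMENTS = new Set(['__proto__', 'constructor', 'prototype']);

// Build a message tree from dotted key paths such as "greeting.morning",
// refusing any path segment that would walk onto the prototype chain.
function buildMessageTree(entries) {
  const root = Object.create(null); // no inherited prototype to reach from here
  for (const [path, value] of Object.entries(entries)) {
    const segments = path.split('.');
    let node = root;
    segments.forEach((segment, i) => {
      if (FORBIDDEN_SEGMENTS.has(segment)) {
        throw new Error(`rejected unsafe key segment "${segment}" in "${path}"`);
      }
      if (i === segments.length - 1) {
        node[segment] = value;
        return;
      }
      // Descend only into sub-objects this loader created itself.
      if (!Object.prototype.hasOwnProperty.call(node, segment)) {
        node[segment] = Object.create(null);
      } else if (typeof node[segment] !== 'object' || node[segment] === null) {
        throw new Error(`key path "${path}" collides with a leaf value`);
      }
      node = node[segment];
    });
  }
  return root;
}

// Wrapper that reports a rejection instead of throwing, so a caller can
// log the offending input and fall back to a safe default.
function loadSafely(entries) {
  try {
    return { tree: buildMessageTree(entries), rejected: null };
  } catch (err) {
    return { tree: null, rejected: err.message };
  }
}

// Canary for a test suite: after untrusted messages were processed, a fresh
// object must not have gained the attacker-chosen property.
function prototypeIsClean(canaryName) {
  return !(canaryName in {}) && Object.prototype[canaryName] === undefined;
}

// Constructed sample input: benign messages plus one hostile key path.
const BENIGN_MESSAGES = { 'greeting.morning': 'Good morning', 'greeting.evening': 'Good evening' };
const HOSTILE_MESSAGES = { '__proto__.polluted': 'yes' };
```

Even if the segment check were bypassed, a null-prototype root turns `__proto__` into a plain own property rather than a setter on Object.prototype, so the two defences back each other up.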
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| messageformat (npm) | < 3.0.0-beta.0 | 3.0.0-beta.0 |
Affected products
- messageformat/messageformat
  - Range: <2.3.0
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.