High severity7.3NVD Advisory· Published Apr 20, 2026· Updated Apr 22, 2026
CVE-2026-6594
CVE-2026-6594
Description
A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly controlled modification of object prototype attributes. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@brikcss/mergenpm | <= 1.3.1 | — |
Affected products
2Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.