CVE-2026-23736 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, due to improper inpu…
High CVSS: 7.3

CVE-2026-23736

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, due to improper input validation, a malicious object key can lead to prototype pollution during JSON deserialization. This vulnerability affects only JSON deserialization functionality. This issue is fixed in version 1.4.1.
Vendor
Lxsmnsyc
Product
Seroval
CWE
CWE-1321
Yayın Tarihi
2026-01-21 23:15:52
Güncelleme
2026-02-27 19:36:50
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-1321 Seroval HIGH Lxsmnsyc 2026

Referanslar

https://github.com/lxsmnsyc/seroval/commit/ce9408ebc87312fcad345a73c172212f2a798060 https://github.com/lxsmnsyc/seroval/security/advisories/GHSA-hj76-42vx-jwp4