Tag: cve 2026 44291

Protobuf.js Vulnerabilities Expose Node.js Apps to Code Execution, DoS

A single malicious protobuf schema could be all it takes to trigger crashes, corrupt runtimes, or even execute code in vulnerable Node.js apps, warns Cyera security researcher Assaf Morag. Six newly identified vulnerabilities in protobuf.js, known as Proto6, carry high severity scores and could put your app at risk.