CVE-2026-25047

← CVEs

HIGH 8.8

Published

2026-01-29

Last Modified

2026-02-25

Affected Apps

Affected Devices

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8.

Affected Applications in Environment 1

SHARP

1 device

Affected Devices 1

DPHSNG-T800122X Windows

References 2

https://github.com/sharpred/deepHas/commit/8097fafd3776c613d8066546653e0d2c7b5fc465
https://github.com/sharpred/deepHas/security/advisories/GHSA-2733-6c58-pf27