Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
org.webjars.npm/protobufjs 8.0.0 | Vulnera… | Sonatype Guide
maven
org.webjars.npm
protobufjs
8.0.0
protobufjs 8.0.0
Latest
org.webjars.npm
Published
Jan 27, 2026
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
25
Versions
25
Vulnerabilities
1
Vulnerabilities
1
Dependencies
13
Dependencies
13
Reset filters
Severity
Critical
(1)
High
(0)
Medium
(0)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
9.4
CVE-2026-41242
protobufjs compiles protobuf definitions into JavaScript (JS) functions. In versions prior to 8.0.1 and 7.5.5, attackers can inject arbitrary code in the "type" fields of protobuf definitions, which will then execute during object decoding using that definition. Versions 8.0.1 and 7.5.5 patch the issue.
affected
Severity
Critical
Published
Apr 20, 2026
