Svelte — CWE-915

All Frameworks › Svelte › CWE-915

1 CVEs categorized as CWE-915 — Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) in Svelte.

CVE-2026-27125MEDIUM2026

svelte performance oriented web framework. Prior to 5.51.5, in server-side rendering, attribute spreading on elements (e.g. <div {...attrs}>) enumerates inherited properties from the object's prototype chain rather than only own properties. In environments where Object.prototype has already been pol…