CVE-2025-8101

ADVISORY - github

Summary

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Linkify (linkifyjs) allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables.This issue affects Linkify: from 4.3.1 before 4.3.2.

EPSS Score⁠: 0.00068 (0.213)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-1321⁠

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

ADVISORY - github

CWE-1321⁠

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Impacted images

Advisories

NIST

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2025-8101⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

8.8high

GitHub

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDGHSA-95jq-xph2-cx9h⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

8.8high