Severity: HIGH | CVE-2026-46510 | CNA: GitHub_M

CVE-2026-46510: Prototype pollution in form-data-objectizer via bracket-notation form keys

form-data-objectizer converts FormData to an object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys (e.g. name[sub]) into nested objects without filtering __proto__, constructor, or prototype. A single HTTP form field whose name starts with __proto__[...] causes the library to mutate Object.prototype, which is a prototype pollution primitive for the entire Node.js process. This vulnerability is fixed in 1.0.1.
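As an added illustration (not form-data-objectizer's own code), the following walker parses the same name[sub] bracket-notation keys but drops any field whose path contains __proto__, constructor or prototype, and builds every container with Object.create(null) so no node inherits from Object.prototype. The entry format (an array of [name, value] pairs, as FormData.prototype.entries() yields), the function names and the sample field names are assumptions made for this example; array keys (name[]) are not modeled.

```javascript
// Added example, not form-data-objectizer's code: a bracket-notation form
// key walker that refuses the keys the advisory names (__proto__,
// constructor, prototype) at every nesting level. Input is an array of
// [name, value] pairs, the shape FormData.prototype.entries() yields;
// function names, the entry format and the sample field names are
// assumptions made for this example. Array keys (name[]) are not modeled.

const POLLUTING_SEGMENTS = new Set(['__proto__', 'constructor', 'prototype']);

// Split "user[address][city]" into ["user", "address", "city"].
// Returns null for names that are not well-formed bracket notation.
function splitFormKey(name) {
  const head = name.match(/^[^\[\]]+/);
  if (!head) return null;                     // "[x]" has no base key
  const segments = [head[0]];
  const rest = name.slice(head[0].length);
  const bracket = /\[([^\[\]]*)\]/g;
  let consumed = 0;
  let m;
  while ((m = bracket.exec(rest)) !== null) {
    if (m.index !== consumed) return null;    // junk between brackets
    segments.push(m[1]);
    consumed = bracket.lastIndex;
  }
  return consumed === rest.length ? segments : null; // trailing junk
}

// True when any path segment would let a naive walk reach Object.prototype.
function hasPollutingSegment(segments) {
  return segments.some((s) => POLLUTING_SEGMENTS.has(s));
}

function isPollutingKey(name) {
  const segments = splitFormKey(name);
  return segments !== null && hasPollutingSegment(segments);
}

// Build a nested object from form entries with two independent defenses:
//   1. fields whose path contains a polluting segment are dropped and
//      reported, and
//   2. every container is created with Object.create(null), so even a
//      segment that slipped through would land as an own property
//      instead of reaching the inherited __proto__ setter.
function objectize(entries) {
  const root = Object.create(null);
  const rejected = [];
  for (const [name, value] of entries) {
    const segments = splitFormKey(name);
    if (segments === null || hasPollutingSegment(segments)) {
      rejected.push(name);
      continue;
    }
    let node = root;
    for (let i = 0; i < segments.length - 1; i++) {
      const seg = segments[i];
      if (typeof node[seg] !== 'object' || node[seg] === null) {
        node[seg] = Object.create(null);
      }
      node = node[seg];
    }
    node[segments[segments.length - 1]] = value;
  }
  return { object: root, rejected };
}

// Constructed sample submission: two legitimate fields plus one field
// shaped like the trigger the advisory describes.
const SAMPLE_ENTRIES = [
  ['user[name]', 'alice'],
  ['user[address][city]', 'Oslo'],
  ['__proto__[polluted]', 'yes'],
];
```

Running objectize(SAMPLE_ENTRIES) yields the two legitimate fields nested under user, lists the __proto__ field in rejected, and leaves ({}).polluted undefined; the rejected list is the signal a service would log or turn into a 400 response rather than silently discard.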

HarborGuard Analysis

Synopsis

Prototype pollution in the form-data-objectizer Node.js library, which converts FormData into JavaScript objects. The bug is reachable over the network with no authentication and no user interaction: any HTTP endpoint that feeds form data into the library will, on a single crafted field name like __proto__[polluted], mutate Object.prototype across the entire Node.js process. Successful exploitation lets an attacker tamper with object properties globally, enabling logic bypasses, privilege escalation paths, and in some apps remote code execution. The record lists no published fix version at the time of writing, so HarborGuard tracks the advisory for patch availability. Note: the description text references 1.0.1 as a fix, but no fix version is published in the structured record, so monitoring remains active.

HarborGuard Coverage

Detection: Available

Detection is available across every HarborGuard environment: this CVE is ingested from upstream feeds within minutes of publication and matched against form-data-objectizer occurrences in customer registry images and build pipelines, including custom-built images that pull the package transitively.

Triage: Available

Triage is available with the published CVSS 8.2 high score weighted against each customer's compliance policy, so an internet-exposed Node.js service pulling this dependency is escalated differently than an offline build tool. Findings route to the appropriate inbox inside each customer organization based on image ownership and policy tags.

Patch: Pending upstream

Patch availability is monitored on every ingest cycle; the moment an upstream fixed release is published, a rebuilt image at the fix version becomes available on HarborGuard. For customers who opt into auto-remediation, the rebuild kicks off a regression test run and opens a PR against workloads that consume the affected image, with no manual ticket handoff.

Exploit Conditions

  • Network reachability: Required

    The attacker reaches the vulnerability by sending an HTTP form submission to any endpoint that pipes FormData into the library, so over-the-network exposure of the affected service is the entry point.

  • Authentication: Not required

    PR:N in the CVSS vector indicates no account or session is needed; any anonymous client that can POST a form payload can trigger the pollution.

  • Victim interaction: Not required

    UI:N applies: the attacker submits the malicious form directly and no user has to click, open, or approve anything for the prototype to be polluted.

  • Attack complexity: Low (AC:L)

    AC:L: a single form field whose name begins with __proto__[...] is enough, with no race condition, memory layout, or environmental tuning required.

Blast Radius

  • Mutates Object.prototype for the entire Node.js process, so attacker-controlled properties appear on every object the application later constructs or inspects.
  • Enables integrity attacks against application logic: authorization checks, feature flags, and template rendering paths can be flipped by seeding properties the code reads via plain object lookup.
  • Can degrade availability by injecting properties that cause downstream code to throw on unexpected types, matching the A:L impact in the CVSS vector.
  • In applications that later spawn child processes or evaluate templates using polluted defaults, the primitive is a common stepping stone to remote code execution inside the Node.js runtime.

How HarborGuard Handles This

Available on HarborGuard: continuous monitoring of the form-data-objectizer advisory across all customer images, with re-check on every ingest cycle so a patched-image rebuild becomes available the moment an upstream fixed release is published. While no fix version is published in the advisory record, compensating-control guidance is surfaced alongside the finding: put the affected service behind a request filter that rejects form field names containing __proto__, constructor, or prototype; freeze Object.prototype at process start with Object.freeze(Object.prototype) where the application can tolerate it; and isolate the workload with network policy and egress filtering so a successful pollution cannot pivot outward. For environments with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will fire automatically once a fixed version lands upstream.
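The two in-process compensating controls named above, as an added example that is neither HarborGuard's nor form-data-objectizer's code: a request-level filter that rejects form field names containing __proto__, constructor or prototype before any objectizer sees them, and a one-time freeze of Object.prototype at startup. No web framework is assumed, so the guard takes the already-parsed list of field names; the function names, return shapes, the extra percent-decoding pass and the sample field names are assumptions made for this example.

```javascript
// Added example, not HarborGuard's or form-data-objectizer's code, of the
// two in-process compensating controls described above: a request-level
// filter that rejects form field names containing __proto__, constructor
// or prototype before any objectizer sees them, and a one-time freeze of
// Object.prototype at startup. Function names, the return shapes and the
// sample field names are assumptions made for this example; no web
// framework is assumed, so the guard takes the already-parsed field names.

const POLLUTING_SEGMENTS = ['__proto__', 'constructor', 'prototype'];

// Normalize one path segment so a percent-encoded or mixed-case spelling
// is caught along with the literal one. decodeURIComponent throws on a
// malformed escape; treat that as suspicious (null) rather than clean.
function normalizeSegment(segment) {
  try {
    return decodeURIComponent(segment).toLowerCase();
  } catch {
    return null;
  }
}

// Return the first field name whose path contains a polluting segment at
// any depth, or null when every name is clean. Names are split on '[' and
// ']' so "a[b][__proto__][c]" is caught as well as "__proto__[x]".
function findPollutingField(fieldNames) {
  for (const name of fieldNames) {
    for (const raw of name.split(/[\[\]]/)) {
      const seg = normalizeSegment(raw);
      if (seg === null || POLLUTING_SEGMENTS.includes(seg)) return name;
    }
  }
  return null;
}

// Middleware-style guard: decides whether a submission may proceed (200)
// or is rejected (400), and emits a log line a detection rule can key on.
function guardFormSubmission(fieldNames) {
  const offending = findPollutingField(fieldNames);
  if (offending === null) return { status: 200, log: null };
  return {
    status: 400,
    log: `form-key-guard rejected field name ${JSON.stringify(offending)}`,
  };
}

// Startup hardening: a frozen Object.prototype cannot gain new properties,
// so a pollution that gets past the filter fails instead of becoming a
// process-wide mutation. Call once, before any request is served, and only
// where the application and its dependencies tolerate it (see above).
function hardenPrototypes() {
  Object.freeze(Object.prototype);
  return Object.isFrozen(Object.prototype);
}

// Verify the hardening from inside the process: try to define a property
// on Object.prototype and report whether it was blocked. Refuses to probe
// an unfrozen prototype, because the probe itself would then pollute it.
function prototypeWriteBlocked(propertyName) {
  if (!Object.isFrozen(Object.prototype)) return false;
  try {
    Object.defineProperty(Object.prototype, propertyName, {
      value: 'polluted',
      configurable: true,
    });
  } catch (err) {
    return err instanceof TypeError && !(propertyName in {});
  }
  return false;
}
```

The filter is cheap enough to run on every multipart or urlencoded request and gives the detection team a deterministic log line to alert on; the freeze is the backstop for the case where a request reaches the library by a path the filter does not cover, which is why hardenPrototypes() belongs at process start rather than inside a route handler.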

Metrics

CVSS v3.1: 8.2
Severity: HIGH
Fixed in:
Affected Products: 1
Affected packages:
  • kaspernj / form-data-objectizer < 1.0.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L