HarborGuard Database

Severity: CRITICAL | CVE-2026-49252 | CNA: GitHub_M

CVE-2026-49252: deepstream is vulnerable to prototype pollution

deepstream is a server that allows clients and backend services to sync data, send messages and make RPCs at scale. Versions prior to 10.0.5 are vulnerable to Prototype Pollution. Exploitation can lead to potential privilege escalation from any authenticated user with write permission to any record. This issue has been fixed in version 10.0.5.

Metrics

  • CVSS v3.1: 9.9
  • Severity: CRITICAL
  • Fixed in: (none listed)
  • Affected Products: 1


HarborGuard Analysis

Synopsis

Prototype pollution in deepstream.io allows any authenticated user with record-write permission to corrupt JavaScript object prototypes on the server. The vulnerability is reachable over the network and requires only a low-privilege account, so no admin access is needed to exploit it. Successful exploitation enables privilege escalation, full read and write access to server data, and partial disruption of availability. HarborGuard tracks this advisory and will make a patched-image rebuild available the moment an upstream fix is confirmed published.

HarborGuard Coverage

Detection (Available)

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images, including custom-built images that bundle deepstream.io. Any image running deepstreamIO/deepstream.io below version 10.0.5 is flagged immediately.

Triage (Available)

HarborGuard scores this CVE at 9.9 CVSS v3.1 (Critical) and surfaces it accordingly, weighting findings against each customer environment's compliance policy. Alerts are routed to the team inboxes configured in each organization so the right engineers see the finding without manual filtering.

Patch (Pending upstream)

Because no fix version has been confirmed published upstream, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment the upstream release lands. For customers with auto-remediation enabled, that rebuild will trigger a regression test run and a PR opened against affected workloads without requiring manual intervention.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the deepstream server over the network; the service exposes a remotely accessible endpoint that accepts client connections.

  • Authentication: Required

    Any low-privilege account with record-write permission is sufficient; no admin or elevated credentials are needed.

  • Victim interaction: Not required

    No user interaction is required; the attacker acts entirely on their own without needing to trick another party.

  • Attack complexity: Low

    Attack complexity is low, meaning the exploit is reliable and requires no special race conditions, memory layout knowledge, or environmental prerequisites.

Blast Radius

  • Attacker escalates from a low-privilege account to broader server-side privileges by corrupting shared JavaScript object prototypes.
  • Attacker reads confidential records and data synced between clients and backend services, including any stored session or application state.
  • Attacker modifies persisted records and data across the deepstream server, affecting all clients and backend services sharing that state.
  • Attacker degrades service reliability; availability impact is rated low, meaning partial disruption or instability of the deepstream process is achievable.

How HarborGuard Handles This

Available on HarborGuard: because no upstream fix version has been published for this Critical-severity prototype pollution issue, HarborGuard continuously re-checks the advisory on every ingest cycle. The moment deepstreamIO publishes a patched release, a rebuilt image at that version becomes available. For customers with auto-remediation enabled, the rebuild is followed by a regression test run and a PR opened against affected workloads. In the interim, compensating controls worth considering include network-policy rules that restrict which clients can open write sessions to the deepstream server, egress filtering to limit lateral movement if the service is compromised, and auditing which accounts hold record-write permission so the blast radius of any exploitation attempt is minimized.

Affected packages

  • deepstreamIO / deepstream.io: < 10.0.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L