-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| flatnest | npm | <= 1.0.0 |
JavaScriptJavaScriptMiggo AIRoot Cause AnalysisThe vulnerability stems from the insert() helper function in nest.js, which handles path traversal during object nesting. The pre-patch code lacked checks for prototype-pollution vectors:
This is confirmed by:
Ongoing coverage of React2Shell