CWE-1321 · Improperly Controlled Modification of Object Prototype Attributes

Prototype Pollution

CWE-1321 · 3 case studies

Prototype Pollution is a JavaScript-specific class of vulnerability in which an attacker injects properties into Object.prototype by supplying a crafted key such as __proto__ or constructor.prototype to code that assigns properties from untrusted input. Because every plain JavaScript object inherits from Object.prototype, polluting it affects every such object in the runtime — enabling privilege escalation, authentication bypass, or remote code execution depending on how the corrupted properties are later used.

It slips through code review because the dangerous pattern often appears in utility functions — deep merge, recursive assign, path-set — that look perfectly reasonable in isolation. The vulnerability only manifests when those functions receive attacker-controlled input, and the actual exploitation happens somewhere else in the codebase that reads a property from an ordinary object.
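To make that pattern concrete, here is an added example (not PullLight's code and not taken from any of the projects below) of a recursive merge with the pollutable path, beside a hardened version. The function names, the isAdmin flag and the JSON payload are constructed for illustration; the hardened version applies the key guard and Object.create(null) mitigations listed in the FAQ.

```javascript
// Added example (not PullLight's or any project's code): a deep merge of the
// kind found in utility code, first as written naively and then hardened.
// naiveMerge, safeMerge, demo, isAdmin and PAYLOAD are constructed names/values.

// Naive recursive merge: walks the keys of `src` and copies them into `dst`.
// If `src` carries an own key named "__proto__" (JSON.parse creates one from
// the string '{"__proto__": {...}}'), `dst["__proto__"]` resolves to
// Object.prototype and the recursion writes straight into it.
function naiveMerge(dst, src) {
  for (const key of Object.keys(src)) {
    const value = src[key];
    if (value !== null && typeof value === "object" && !Array.isArray(value)) {
      if (dst[key] === undefined || typeof dst[key] !== "object") {
        dst[key] = {};
      }
      naiveMerge(dst[key], value); // recursion into the inherited object
    } else {
      dst[key] = value;
    }
  }
  return dst;
}

// Hardened merge: drop the three pollution keys, never descend through an
// inherited property, and build nested containers with a null prototype.
const FORBIDDEN_KEYS = new Set(["__proto__", "constructor", "prototype"]);

function safeMerge(dst, src) {
  for (const key of Object.keys(src)) {
    if (FORBIDDEN_KEYS.has(key)) continue; // refuse the pollution vectors
    const value = src[key];
    if (value !== null && typeof value === "object" && !Array.isArray(value)) {
      const own = Object.prototype.hasOwnProperty.call(dst, key);
      if (!own || typeof dst[key] !== "object" || dst[key] === null) {
        dst[key] = Object.create(null); // nothing inherited, nothing written upward
      }
      safeMerge(dst[key], value);
    } else {
      dst[key] = value;
    }
  }
  return dst;
}

// Constructed request body of the shape a merge utility would receive.
const PAYLOAD = '{"displayName":"alice","__proto__":{"isAdmin":true}}';

// Runs one merge implementation against the payload and reports whether an
// unrelated object, created afterwards, now inherits the injected flag. The
// delete at the end only resets global state so the next run starts clean.
function demo(mergeFn) {
  const settings = {};
  mergeFn(settings, JSON.parse(PAYLOAD));
  const unrelated = {}; // created elsewhere in the application
  const polluted = unrelated.isAdmin === true;
  delete Object.prototype.isAdmin;
  return { displayName: settings.displayName, polluted };
}

console.log(demo(naiveMerge)); // { displayName: 'alice', polluted: true }
console.log(demo(safeMerge));  // { displayName: 'alice', polluted: false }
```

The defect in naiveMerge is that `dst["__proto__"]` is never undefined for a plain object, so the "does the target already have this key" check passes and the recursion lands on Object.prototype. That is the flow a reviewer needs to trace: the merge itself looks harmless, and the property read that turns the pollution into a bug (`unrelated.isAdmin`) lives in a different place.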

PullLight looks for recursive object merge patterns, bracket-notation property assignment from dynamic keys, and JSON.parse results flowing into object merge functions. It flags these with the pollutable path and points to where the polluted property would be consumed.

Case studies in this class

CVE-2026-44005 — vm2 Sandbox Escape · vm2 · Prototype Pollution / Sandbox Escape · CVSS 10.0
CVE-2026-1774 — CASL Prototype Pollution · @casl/ability · Prototype Pollution → Authorization Bypass · CVSS 9.8
CVE-2025-55164 — @helmetjs CSP Parser Prototype Pollution · @helmetjs/csp-parser · Prototype Pollution via Plain Object CSP Parsing · CVSS 8.8

Frequently asked questions

What is Prototype Pollution?
Prototype Pollution is a JavaScript vulnerability where an attacker can inject properties into Object.prototype by using crafted keys like __proto__ or constructor.prototype. Since all objects inherit from Object.prototype, this can corrupt application behavior globally.
How do you prevent Prototype Pollution?
Use Object.create(null) for dictionaries, validate keys against an allowlist before recursive assignment, use structuredClone() or lodash.cloneDeep with __proto__ guards, or use Map instead of plain objects for user-supplied key/value storage.
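As an added example (not the page's or any library's code), here are three of those mitigations applied to a path-set utility of the form set(obj, "a.b.c", value) and to a user-supplied key/value store: an allowlist on key shape, Object.create(null) for every container, and a Map for the store. The key pattern, function names and sample settings are constructed; structuredClone and lodash.cloneDeep are not covered here.

```javascript
// Added example, not PullLight's or any project's code. isAllowedKey,
// safeSetPath, applySettings, buildPreferenceStore and the inputs are constructed.

// Mitigation 1: allowlist the key shape before walking into nested objects.
// A key must be a plain identifier starting with a letter, so "__proto__"
// never matches; "constructor" and "prototype" are rejected by name.
const KEY_PATTERN = /^[A-Za-z][A-Za-z0-9_]*$/;
const DENIED = new Set(["constructor", "prototype"]);

function isAllowedKey(key) {
  return KEY_PATTERN.test(key) && !DENIED.has(key);
}

// Mitigation 2: validate every segment up front, then create intermediate
// containers with Object.create(null) so a lookup never resolves through
// Object.prototype and a write can never land on it.
function safeSetPath(root, path, value) {
  const keys = path.split(".");
  for (const key of keys) {
    if (!isAllowedKey(key)) {
      throw new Error(`rejected key segment: ${JSON.stringify(key)}`);
    }
  }
  let node = root;
  for (const key of keys.slice(0, -1)) {
    const own = Object.prototype.hasOwnProperty.call(node, key);
    if (!own || typeof node[key] !== "object" || node[key] === null) {
      node[key] = Object.create(null);
    }
    node = node[key];
  }
  node[keys[keys.length - 1]] = value;
  return root;
}

// Applies a list of [path, value] pairs, collecting the paths that were
// refused instead of letting them abort the whole batch.
function applySettings(pairs) {
  const root = Object.create(null);
  const rejected = [];
  for (const [path, value] of pairs) {
    try {
      safeSetPath(root, path, value);
    } catch (err) {
      rejected.push(path);
    }
  }
  return { root, rejected };
}

// Mitigation 3: a Map keyed by user strings has no prototype chain to
// collide with, so "__proto__" is just another entry.
function buildPreferenceStore(pairs) {
  const store = new Map();
  for (const [key, value] of pairs) {
    store.set(key, value);
  }
  return store;
}

// Constructed input: two benign settings and two pollution attempts.
const SETTINGS_INPUT = [
  ["theme.color", "dark"],
  ["editor.tabSize", 4],
  ["__proto__.isAdmin", true],
  ["constructor.prototype.isAdmin", true],
];

// Constructed input for the Map-backed store.
const STORE_INPUT = [
  ["theme", "dark"],
  ["__proto__", { isAdmin: true }],
];

const applied = applySettings(SETTINGS_INPUT);
console.log(applied.root.theme.color, applied.rejected);
// dark [ '__proto__.isAdmin', 'constructor.prototype.isAdmin' ]

const store = buildPreferenceStore(STORE_INPUT);
console.log(store.get("theme"), ({}).isAdmin); // dark undefined
```

The allowlist check runs over the whole path before anything is written, so a rejected segment leaves the target untouched rather than half-applied. Null-prototype containers are the second line of defence: even if a key slipped past validation, there is no Object.prototype reachable from them to pollute.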
Can AI catch Prototype Pollution in code review?
Yes — AI review excels at finding prototype pollution because it can identify the merge/assign pattern, recognize __proto__/constructor as dangerous keys in context, and trace where user input reaches those functions across multiple files.
Has PullLight caught real Prototype Pollution vulnerabilities?
Yes. PullLight flagged Prototype Pollution in vm2 (CVE-2026-44005, CVSS 10.0), @casl/ability (CVE-2026-1774, CVSS 9.8), and @helmetjs/csp-parser (CVE-2025-55164, CVSS 8.8).
PullLight catches Prototype Pollution in live code review.
Hooks into GitHub PRs automatically — flags taint flows, not just lint rules.