CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-57320

json-schema-editor-visual is a package that provides jsonschema editor. A Prototype Pollution vulnerability in the setData and deleteData function of json-schema-editor-visual versions thru 1.1.1 allows attackers to inject or delete properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.3%

CVSS Severity

CVSS v3 Score 6.5

References

https://github.com/VulnSageAgent/PoCs/blob/main/JavaScript/prototype-pollution/json-schema-editor-visual%401.1.1/index.js
https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57320

Products affected by CVE-2025-57320

Open-Federation » Json-Schema-Editor-Visual » Version: Any

cpe:2.3:a:open-federation:json-schema-editor-visual:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-57320

Products

Pricing

Contact Us