CVE-2025-61140 | THREATINT

Description

The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.

PUBLISHED Reserved 2025-09-26 | Published 2026-01-28 | Updated 2026-01-29 | Assigner mitre

References

github.com/dchester/jsonpath

gist.github.com/Dremig/8105c189774217222a8ebea3ed4d341d

cve.org (CVE-2025-61140)

nvd.nist.gov (CVE-2025-61140)

Download JSON

help @ threatint.eu