CVE-2025-63703 | THREATINT

Description

npm package parse-ini v1.0.6 is vulnerable to Prototype Pollution in index.js().

PUBLISHED Reserved 2025-10-27 | Published 2026-05-07 | Updated 2026-05-08 | Assigner mitre

References

www.npmjs.com/package/parse-ini?activeTab=code

gist.github.com/6en6ar/bdc8e0d472406ab98431f10273cbdbf3

cve.org (CVE-2025-63703)

nvd.nist.gov (CVE-2025-63703)

Download JSON

help @ threatint.eu