{"vulnerability": "cve-2026-8657", "sightings": [{"uuid": "3a38e810-20c3-48b1-9358-9f6bf0a774db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8657", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlz7m3b64q22", "content": "HIGH severity alert: jsondiffpatch <0.7.6 is vulnerable to prototype pollution via patch APIs. Avoid untrusted input until patches are confirmed. More info: https://radar.offseq.com/threat/cve-2026-8657-prototype-pollution-in-jsondiffpatch-73cb7b51 #OffSeq #vuln #NodeJS", "creation_timestamp": "2026-05-17T01:30:29.691667Z"}, {"uuid": "bd5c84c8-1f47-437c-8c38-a54e63c1cc4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8657", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116587326764358912", "content": "\u26a0\ufe0f HIGH severity: CVE-2026-8657 in jsondiffpatch <0.7.6 enables remote prototype pollution via patch APIs. Patch status unconfirmed \u2014 avoid untrusted input & monitor vendor updates. Details: https://radar.offseq.com/threat/cve-2026-8657-prototype-pollution-in-jsondiffpatch-73cb7b51 #OffSeq #infosec #NodeJS #vuln", "creation_timestamp": "2026-05-17T01:30:47.765937Z"}]}