CVE-2025-3982

Name of the Vulnerable Software and Affected Versions nortikin Sverchok version 1.3.0

Description A problematic issue was found in the function SvSetPropNodeMK2 of the file sverchok/nodes/object nodes/getsetprop mk2.py of the component Set Property Mk2 Node. This issue leads to improperly controlled modification of object prototype attributes, also known as 'prototype pollution'. The attack can be launched remotely. The exploit has been publicly disclosed.

Recommendations For nortikin Sverchok version 1.3.0, as a temporary workaround, consider disabling the SvSetPropNodeMK2 function until a patch is available. Restrict access to the Set Property Mk2 Node component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.