PT-2026-7279 · Unknown · Casl Ability

Alma Security

Published

2026-02-10

Updated

2026-02-12

CVE-2026-1774

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CASL Ability versions 2.4.0 through 6.7.4

Description CASL Ability contains a prototype pollution vulnerability. This issue affects versions 2.4.0 through 6.7.4. Prototype pollution occurs when an attacker manipulates the properties of JavaScript objects, potentially leading to denial of service or unauthorized access.

Recommendations Update CASL Ability to a version later than 6.7.4.

Fix

Prototype Pollution

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1321

Related Identifiers

CVE-2026-1774

GHSA-X9VF-53Q3-CVX6

Affected Products

Casl Ability

PT-2026-7279 · Unknown · Casl Ability

CVE-2026-1774

Weakness Enumeration

Related Identifiers

Affected Products

References · 12