Launch Week Day 1: Announcing Security Design Review

parse-ini is vulnerable to Prototype Pollution in index.js()

GHSA-x72j-hv9f-qqh4 · CVE-2025-63703

Published May 7, 2026 · Modified May 12, 2026

Description

npm package parse-ini v1.0.6 is vulnerable to Prototype Pollution in index.js().

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes