{"id":"CVE-2026-31865","summary":"Elysia Cookie Value Prototype Pollution","details":"Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation, and client-server communication. Prior to version 1.4.27, an Elysia cookie can be overridden by prototype pollution , eg. `__proto__`. This issue is patched in 1.4.27. As a workaround, use t.Cookie validation to enforce validation value and/or prevent iterable over cookie if possible.","aliases":["GHSA-8hq9-phh3-p2wp"],"modified":"2026-04-10T05:42:10.910902Z","published":"2026-03-18T02:50:55.403Z","database_specific":{"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31865.json","cwe_ids":["CWE-1321"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31865.json"},{"type":"ADVISORY","url":"https://github.com/elysiajs/elysia/security/advisories/GHSA-8hq9-phh3-p2wp"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31865"},{"type":"FIX","url":"https://github.com/elysiajs/elysia/commit/e9d6b1743fa7368ef942dce181f6a089757f6aab"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/elysiajs/elysia","events":[{"introduced":"0"},{"fixed":"cc9159b5c60a8eb16bbac4525005e2b5880d3624"}]}],"versions":["0.0.0-experimental.28","0.0.0-experimental.29","0.0.0-experimental.37","0.0.0-experimental.39","0.0.0-experimental.51","0.1","0.2.0","0.3","0.4","0.7","0.8.0-exp.10","1.1.12","1.1.13","1.2.1","1.2.10","1.2.11","1.2.12","1.2.13","1.2.14","1.2.15","1.2.16","1.2.17","1.2.18","1.2.19","1.2.2","1.2.20","1.2.21","1.2.22","1.2.23","1.2.24","1.2.25","1.2.3","1.2.4","1.2.5","1.2.6","1.2.7","1.2.8","1.2.9","1.3.0","1.3.1","1.3.10","1.3.11","1.3.12","1.3.2","1.3.3","1.3.4","1.3.5","1.3.6","1.3.7","1.3.8","1.3.9","1.4.1","1.4.10","1.4.11","1.4.12","1.4.13","1.4.14","1.4.15","1.4.16","1.4.17","1.4.18","1.4.19","1.4.2","1.4.20","1.4.21","1.4.22","1.4.23","1.4.24","1.4.25","1.4.26","1.4.3","1.4.4","1.4.5","1.4.6","1.4.8","1.4.9","v0.4.12","v0.5.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31865.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}