Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: protobuf (2 articles)Clear

Six protobuf.js flaws let malicious schemas run code in Node.js apps

Researchers at Cyera have disclosed six vulnerabilities, collectively named Proto6, in protobuf.js, a JavaScript and TypeScript library for Google's Protocol Buffers data format that sees more than 50 million downloads a week. The flaws stem from the library trusting schema and metadata by default, so a single malicious schema or crafted payload can crash a service, inject code, or lead to remote code execution. Cyera demonstrated real attacks including poisoning CI/CD pipelines to leak build secrets and crashing WhatsApp automation bots. Because protobuf.js is embedded across cloud services, AI platforms, and build systems, the reach is broad. Fixed versions are 7.5.6 and 8.0.2.

Check
Inventory applications and pipelines that depend on protobuf.js directly or transitively, and identify any that deserialize Protobuf data or generate code from schemas supplied by untrusted sources.
Affected
Node.js applications, cloud client libraries, CI/CD pipelines, and messaging frameworks using protobuf.js before 7.5.6 or 8.0.2 (CVEs include CVE-2026-44289, CVE-2026-44295) that process untrusted schemas.
Fix
Upgrade protobuf.js to 7.5.6 or 8.0.2 and protobufjs-cli to 1.2.1 or 2.0.2, and treat incoming schemas and descriptors as untrusted input rather than safe data.

Critical protobuf.js RCE hits JavaScript ecosystem - 50M weekly npm downloads, PoC published (GHSA-xq3m-2v4x-88gg)

Security firm Endor Labs disclosed a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers with nearly 50 million weekly downloads on npm. The bug lets attackers achieve RCE when an application loads a malicious protobuf schema. Root cause: protobuf.js builds JavaScript functions from protobuf schemas by concatenating strings and executing them via the Function() constructor, but doesn't validate schema-derived identifiers like message names. An attacker can supply a crafted schema that injects arbitrary JavaScript into the generated function, which then runs when the app processes any message using that schema. This opens access to environment variables, credentials, databases, and internal systems - plus lateral movement within infrastructure. Developer machines are also at risk if they load and decode untrusted schemas locally. The flaw has a proof-of-concept exploit in Endor Labs' advisory and 'exploitation is straightforward' per the researchers, but no in-the-wild exploitation has been observed yet. No official CVE assigned - tracked as GHSA-xq3m-2v4x-88gg. Reported March 2 by Cristian Staicu, patched on GitHub March 11, npm patches released April 4 (8.x branch) and April 15 (7.x branch).

Check
Audit your JavaScript and Node.js codebases plus transitive dependencies for protobuf.js. If you run any service that deserializes protobuf messages, treat this as urgent.
Affected
protobuf.js versions 8.0.0 and earlier on the 8.x branch, and 7.5.4 and earlier on the 7.x branch. The library is used for inter-service communication, real-time applications, and structured data storage in databases and cloud environments. Any app that loads attacker-influenced protobuf schemas is at risk - this includes services accepting schemas from users, partners, or untrusted registries.
Fix
Upgrade to protobuf.js 8.0.1 (8.x branch) or 7.5.5 (7.x branch). Check your package.json and package-lock.json for both direct and transitive dependencies - protobuf.js is often pulled in by other packages. For defense-in-depth per Endor Labs' guidance: treat schema-loading as untrusted input, prefer precompiled or static schemas in production, and audit transitive dependencies that may still pin an older protobuf.js version even after you upgrade your direct dependency.