CVE-2026-44291

Six vulnerabilities in protobuf.js could enable remote code execution or denial of service in Node.js apps, according to a Cyera technical analysis. Patches are available for affected protobufjs and protobufjs-cli releases.