CVE-2025-54803
Published: 05 August 2025
Summary
CVE-2025-54803 is a high-severity Prototype Pollution (CWE-1321) vulnerability in Sunnyadn Js-Toml. Its CVSS base score is 7.9 (High).
Operationally, it is ranked in the top 46.6% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-23575
Vulnerability details
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed in version 1.0.2.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.