Articles tagged protobuf on devtake.dev.https://devtake.dev/en-ushttps://devtake.dev/article/protobuf-javascript-rce-cve/https://devtake.dev/article/protobuf-javascript-rce-cve/GHSA-xq3m-2v4x-88gg hits protobuf.js ≤8.0.0 / ≤7.5.4. Attacker-controlled schemas executed arbitrary JS on decode. One-line fix patched it.Tue, 21 Apr 2026 12:00:00 GMTsecuritynpmprotobufjavascriptsupply-chainrceendor-labsgrpcluca-reinhardt