2026-06-10 The Hacker News

Proto6 Flaws in protobuf.js Expose Node.js Apps to RCE and DoS Attacks

Tags: Vulnerability, Supply Chain, Cloud Security

Cybersecurity researchers at Cyera have disclosed six vulnerabilities in protobuf.js, a widely used JavaScript and TypeScript implementation of Google's Protocol Buffers serialization format. Collectively tracked as Proto6, the flaws enable remote code execution (RCE) and denial-of-service (DoS) attacks against Node.js applications, with severity scores ranging from 5.3 to 8.7. "In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger crashes, runtime corruption, or even code execution," said Cyera security researcher Assaf Morag. The issues also extend to Google Cloud client libraries, messaging frameworks like the Baileys WhatsApp Web automation library, and CI/CD pipelines that rely on protobuf.js for data deserialization or code generation.

The six CVEs include CVE-2026-44289 and CVE-2026-44290 (both CVSS 7.5), which enable DoS through unbounded protobuf recursion and unsafe option path loading, respectively. CVE-2026-44291 (CVSS 8.1) is the most severe, allowing code execution when attacker-controlled input reaches a prototype pollution gadget that protobuf.js later resolves through plain property lookups. The remaining flaws—CVE-2026-44292, CVE-2026-44294, and CVE-2026-44295 (CVSS 5.3 to 8.7)—cover prototype injection in message constructors, crafted field name crashes, and code injection in pbjs static output. "That input reaches a prototype pollution gadget," security researcher Vladimir Tokarev explained. "Later, the same process uses protobuf.js to encode or decode a message. Because protobuf.js resolves type names through plain property lookups, a polluted Object.prototype can make an attacker-controlled string look like a valid protobuf."
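As an added illustration of the lookup behaviour Tokarev describes (this is not protobuf.js code; the registry, resolver names and the polluted key are hypothetical), the snippet below shows how a plain property lookup on a type registry accepts an inherited key once Object.prototype has been polluted, and how an own-property check over a null-prototype registry closes that gap:

```javascript
// Hypothetical registry: maps protobuf type names to descriptors (constructed).
const registry = { "pkg.Greeting": { fields: ["text"] } };

// Vulnerable resolver: a plain lookup walks the prototype chain, so any key
// that exists on Object.prototype "resolves" as though it were a real type.
function resolveUnsafe(types, name) {
  return types[name] || null;
}

// Hardened registry: copy only own keys into a null-prototype object, so
// nothing inherited from Object.prototype can ever appear in it.
function makeSafeRegistry(types) {
  const safe = Object.create(null);
  for (const key of Object.keys(types)) safe[key] = types[key];
  return safe;
}

// Hardened resolver: only own properties count as registered types.
function resolveSafe(types, name) {
  return Object.prototype.hasOwnProperty.call(types, name) ? types[name] : null;
}

// Demonstration: simulate pollution left behind by some earlier gadget in the
// process (constructed here, and removed again in `finally`).
function demo() {
  const pollutedKey = "attacker.Injected";        // hypothetical key
  Object.prototype[pollutedKey] = { fields: ["payload"] };
  try {
    const safeRegistry = makeSafeRegistry(registry);
    return {
      unsafeAccepts: resolveUnsafe(registry, pollutedKey) !== null,      // true
      safeAccepts: resolveSafe(safeRegistry, pollutedKey) !== null,      // false
      safeStillFindsReal: resolveSafe(safeRegistry, "pkg.Greeting") !== null, // true
    };
  } finally {
    delete Object.prototype[pollutedKey];
  }
}
```

Running demo() shows the unsafe resolver treating the inherited key as a registered type while the own-property resolver rejects it and still finds the genuine entry.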

According to Cyera, every vulnerability stems from protobuf.js treating schema and metadata as trusted by default, a validation gap that can alter application behavior and open the door to code execution. In a realistic attack chain, an adversary could poison a CI/CD workflow with a malicious schema to leak build secrets via CVE-2026-44295, or crash Node.js services such as WhatsApp bots built on Baileys using a crafted message tied to CVE-2026-44292. The risk surface is broad: protobuf.js powers data exchange across AI ecosystems, cloud platforms, and third-party integrations where schemas and configuration files move between services. Organizations running Node.js services that deserialize Protobuf data should audit their dependencies, patch immediately, and verify their build pipelines for suspicious schemas. Defenders can also run an SSL/TLS checker to ensure encrypted transport for Protobuf traffic, audit exposed infrastructure with a port scanner, and use a password checker to confirm that no CI/CD build secrets have already been compromised in prior incidents.

Source: The Hacker News
