Ghostwire

CVE-2026-16151: A vulnerability has been found in CartoDB carto-api-client 0.5.29. This impacts the function addFilter of the file...

MEDIUM CVSS 6.3 Exploit Available

Published: July 18, 2026 | Last Modified: July 18, 2026

Description

A vulnerability has been found in CartoDB carto-api-client 0.5.29. This impacts the function addFilter of the file src/filters.ts. Such manipulation of the argument column leads to improperly controlled modification of object prototype attributes. The attack can be executed remotely. The project was informed of the problem early through an issue report but has not responded yet.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References