๐Ÿ” CVE Alert

CVE-2026-15702

MEDIUM 6.3

tamagui config.ts updateConfig prototype pollution

CVSS Score
6.3
EPSS Score
0.0%
EPSS Percentile
0th

A security vulnerability has been detected in tamagui up to 2.3.0. This affects the function updateConfig of the file code/core/web/src/config.ts. Such manipulation leads to improperly controlled modification of object prototype attributes. The attack may be performed from remote. Upgrading to version 2.3.1 is able to mitigate this issue. The name of the patch is e46af9879b7627934ea4d6d6e46e65cea53abb3d. The affected component should be upgraded.

CWE CWE-1321 CWE-94
Vendor n/a
Product tamagui
Published Jul 14, 2026
Last Updated Jul 15, 2026
Stay Ahead of the Next One

Get instant alerts for n/a tamagui

Be the first to know when new medium vulnerabilities affecting n/a tamagui are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

n/a / tamagui
2.0 2.1 2.2 2.3.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/378249 vuldb.com: https://vuldb.com/vuln/378249/cti vuldb.com: https://vuldb.com/cve/CVE-2026-15702 vuldb.com: https://vuldb.com/submit/856138 github.com: https://github.com/tamagui/tamagui/issues/4029 github.com: https://github.com/tamagui/tamagui/commit/e46af9879b7627934ea4d6d6e46e65cea53abb3d github.com: https://github.com/tamagui/tamagui/releases/tag/v2.3.1 github.com: https://github.com/tamagui/tamagui/

Credits

๐Ÿ” wjm1 (VulDB User)