Vulnerability ID: CVE-2026-2964 Affected Product and Version: Higuma Web-Audio-Recorder-JS 0.1/0.1.1 Vulnerability Type: Prototype Pollution Component: Dynamic Config Handling lib/WebAudioRecorder.js Affected Function: extend CVSS Meta Temp Score: 4.6 Current Exploit Price: $0-$5k CTI Interest Score: 3.42 CWE Classification: CWE-1321 Vulnerability Description: The function in the of the Higuma Web-Audio-Recorder-JS component can be manipulated with an unknown input, leading to a prototype pollution vulnerability. This results in improper control of modifications to object prototype attributes, impacting confidentiality, integrity, and availability. Attack Vector: Remote Exploit Status: An exploit exists Vendor Response: No response from the vendor regarding the disclosure