Warning: High severity vulnerability in Vue I18n, a Vue.js plugin. Possible Remote Code Execution, PoC available Patch Immediately!

Published: 20/11/2025
  • Last update: 20/11/2025
  • Affected software:
    → intlify: vue-i18n (internationalization plugin for Vue.js)
    → Affected versions: >= 9.1.0, < 9.14.3; >= 10.0.0-alpha.1, < 10.0.6; >= 11.0.0-beta.0, < 11.1.2
  • Type: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
  • CVE/CVSS
    → CVE-2025-27597: CVSS 8.9 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P)

Sources

https://github.com/intlify/vue-i18n/security/advisories/GHSA-p2ph-7g93-hw3m

Risks

This vulnerability in Vue I18n allows an attacker to cause a denial of service and, depending on the implementation of your site, arbitrary command execution. Multiple intlify packages related to Vue I18n are affected. This vulnerability has a high impact on availability at the least and possibly on integrity and confidentiality. Due to the ease of exploitation and the availability of a proof-of-concept, immediate exploitation can be expected. Patch immediately.

Description

When an attacker provides input that gets translated and that contains keys such as `__proto__` or `constructor`, they can alter or add properties on objects, affecting your whole Vue.js application. If properties are later used in your code as arguments when executing commands, these can also be changed, leading to arbitrary code execution.

In general, there is always a big risk in handling user input.
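As an added illustration of the mitigation (example code, not part of the advisory or of vue-i18n itself), the helpers below show how an application that builds or looks up translation messages from user-influenced keys can refuse the path segments that reach `Object.prototype` and traverse only own properties; the message object, key path and function names are assumptions for this example.

```javascript
// Added example (not vue-i18n's own code): guard a dotted key path before
// using it to write into or read from a translation message object, so that
// user-controlled input never reaches Object.prototype.
const FORBIDDEN_SEGMENTS = new Set(['__proto__', 'constructor', 'prototype']);

// True only if every dot-separated segment is non-empty and not a
// prototype-reaching key.
function isSafeKeyPath(path) {
  if (typeof path !== 'string' || path.length === 0) return false;
  return path
    .split('.')
    .every((seg) => seg.length > 0 && !FORBIDDEN_SEGMENTS.has(seg));
}

// Sets messages[path] = value, creating intermediate containers as needed.
// Throws instead of walking into a forbidden segment, and only follows own
// properties, so an inherited key is never treated as part of the tree.
function safeSetPath(messages, path, value) {
  if (!isSafeKeyPath(path)) {
    throw new Error(`refusing unsafe translation key path: ${path}`);
  }
  const segments = path.split('.');
  let node = messages;
  for (let i = 0; i < segments.length - 1; i++) {
    const seg = segments[i];
    const own = Object.prototype.hasOwnProperty.call(node, seg);
    if (!own || typeof node[seg] !== 'object' || node[seg] === null) {
      node[seg] = Object.create(null); // prototype-less container
    }
    node = node[seg];
  }
  node[segments[segments.length - 1]] = value;
  return messages;
}

// Translation lookup that only ever reads own properties; returns undefined
// for unsafe paths and for keys that exist only on a prototype.
function safeLookup(messages, path) {
  if (!isSafeKeyPath(path)) return undefined;
  let node = messages;
  for (const seg of path.split('.')) {
    if (node === null || typeof node !== 'object') return undefined;
    if (!Object.prototype.hasOwnProperty.call(node, seg)) return undefined;
    node = node[seg];
  }
  return node;
}
```

Rejecting the key up front is cheaper and easier to audit than trying to sanitise the value afterwards, and the own-property check also stops lookups like `greetings.toString` from silently returning an inherited function.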

Recommended Actions

Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity and ensure a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via https://ccb.belgium.be/en/cert/report-incident.

While patching appliances or software to the newest version may protect against future exploitation, it does not remediate historic compromise.

References

https://www.cve.news/cve-2025-27597/
https://nvd.nist.gov/vuln/detail/CVE-2025-27597