Prototype Pollution
Prototype pollution is a JavaScript-specific vulnerability class where an attacker injects properties into Object.prototype, affecting every object in the application. It is less well-known than XSS or CSRF, but has led to serious real-world exploits — including remote code execution in Node.js.