A vulnerability classified as problematic was found in ts-deepmerge up to 7.x . This affects an unknown part. The manipulation results in uncaught exception. This vulnerability is known as CVE-2026-12644 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.