A vulnerability classified as critical was found in WebReflection flatted up to 3.4.1 . Affected is the function parse of the component JSON Parser . The manipulation results in improperly controlled modification of object prototype attributes. This vulnerability is identified as CVE-2026-33228 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.