CVE-2023-36665, a prototype pollution bug found in protobuf.js by Jazzer.js, received a CVSS score of 9.8.

This is another example that #fuzzing is beneficial for memory-safe languages and can find more than just memory corruption bugs.