js · i18next-fs-backend · Critical
i18next-fs-backend Prototype Pollution Vulnerability Fixed in 2.6.6
What changed
Prototype pollution vulnerability in i18next-fs-backend ≤ 2.6.5 when processing missing-key strings. Fixed in 2.6.6 by blocking unsafe segments (__proto__, constructor, prototype).
Who it affects
Applications using i18next-fs-backend ≤ 2.6.5 with i18next-http-middleware's missingKeyHandler exposed to untrusted input, and keySeparator not set to false.
What to do today
Upgrade i18next-fs-backend to version 2.6.6 or later immediately. If upgrade is not possible, disable missing-key persistence or set keySeparator: false.
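The segment blocking and the keySeparator: false workaround described above, as an added example (not code from i18next-fs-backend or this advisory). The helper names and the dotted-key store are assumptions; the sketch contrasts an unguarded separator-split key walk with one that rejects the three unsafe segments, and shows why a flat key never walks at all.

```javascript
// Added illustration; setPathNaive/setPathGuarded are hypothetical helpers,
// not i18next-fs-backend source.
const UNSAFE_SEGMENTS = new Set(['__proto__', 'constructor', 'prototype']);

// Split a missing-key string the way a keySeparator-based store would.
// keySeparator === false means the whole key is one flat property name.
function toSegments(key, keySeparator) {
  return keySeparator === false ? [key] : key.split(keySeparator);
}

// Unguarded walk: a "__proto__" segment steps onto Object.prototype.
function setPathNaive(target, key, value, keySeparator = '.') {
  const segs = toSegments(key, keySeparator);
  let node = target;
  for (const seg of segs.slice(0, -1)) {
    if (typeof node[seg] !== 'object' || node[seg] === null) node[seg] = {};
    node = node[seg];
  }
  node[segs[segs.length - 1]] = value;
}

// Guarded walk: refuse unsafe segments and follow own properties only.
function setPathGuarded(target, key, value, keySeparator = '.') {
  const segs = toSegments(key, keySeparator);
  if (segs.some((s) => UNSAFE_SEGMENTS.has(s))) return false;
  let node = target;
  for (const seg of segs.slice(0, -1)) {
    const own = Object.prototype.hasOwnProperty.call(node, seg);
    if (!own || typeof node[seg] !== 'object' || node[seg] === null) node[seg] = {};
    node = node[seg];
  }
  node[segs[segs.length - 1]] = value;
  return true;
}

// Constructed missing-key input; reports whether Object.prototype was changed.
function probe(setter, keySeparator) {
  const store = {};
  const accepted = setter(store, '__proto__.polluted', 'x', keySeparator);
  const polluted = ({}).polluted === 'x';
  delete Object.prototype.polluted; // undo so the process stays clean
  return { accepted, polluted, store };
}
```

probe(setPathNaive, '.') reports pollution, probe(setPathGuarded, '.') rejects the key, and passing false as the separator stores the whole string as a single own property on the store.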