diff --git a/.changeset/solid-apples-clap.md b/.changeset/solid-apples-clap.md
new file mode 100644
index 000000000000..8691d702db0b
--- /dev/null
+++ b/.changeset/solid-apples-clap.md
@@ -0,0 +1,5 @@
+---
+'@sveltejs/kit': patch
+---
+
+fix: use hasOwn check when deep-setting object properties
diff --git a/packages/kit/src/runtime/form-utils.js b/packages/kit/src/runtime/form-utils.js
index 78554b4e058b..7616af3b3ee2 100644
--- a/packages/kit/src/runtime/form-utils.js
+++ b/packages/kit/src/runtime/form-utils.js
@@ -441,7 +441,7 @@ export function deep_set(object, keys, value) {
 check_prototype_pollution(key);
 const is_array = /^\d+$/.test(keys[i + 1]);
- const exists = key in current;
+ const exists = Object.hasOwn(current, key);
 const inner = current[key];
 if (exists && is_array !== Array.isArray(inner)) {
diff --git a/packages/kit/src/runtime/form-utils.spec.js b/packages/kit/src/runtime/form-utils.spec.js
index 96b153c4a3b7..2da47208fe72 100644
--- a/packages/kit/src/runtime/form-utils.spec.js
+++ b/packages/kit/src/runtime/form-utils.spec.js
@@ -2,6 +2,7 @@ import { beforeAll, describe, expect, test } from 'vitest';
 import {
 BINARY_FORM_CONTENT_TYPE,
 convert_formdata,
+ deep_set,
 deserialize_binary_form,
 serialize_binary_form,
 split_path
@@ -243,3 +244,16 @@ describe('binary form serializer', () => {
 expect(res.data).toEqual({ a: 1 });
 });
 });
+
+describe('deep_set', () => {
+ test('always creates own property', () => {
+ const target = {};
+
+ deep_set(target, ['toString', 'property'], 'hello');
+
+ // @ts-ignore
+ expect(target.toString.property).toBe('hello');
+ // @ts-ignore
+ expect(Object.prototype.toString.property).toBeUndefined();
+ });
+});
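Review bot: In `deep_set` (packages/kit/src/runtime/form-utils.js), the new `Object.hasOwn(current, key)` line has no comment saying why an own-property test is required, and the following `const inner = current[key];` still resolves through the prototype chain. With `key in current`, an inherited member such as `toString` counted as an existing container, so the traversal could descend into a shared built-in and write onto it, which is the case the new spec exercises. I would add `// own properties only: an inherited member (e.g. toString) must never be treated as an existing container to descend into` above the check. In the visible `if`, `inner` is consulted only under `exists &&`, but the rest of the loop body lies outside the hunk, so it is worth confirming that nothing later uses `inner` or re-reads `current[key]` while `exists` is false.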
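Review bot: The new `deep_set` test in form-utils.spec.js leaves global state dirty when it fails: if the fix regresses, `property` stays attached to `Object.prototype.toString` for every later test in the same worker. Removing it in cleanup, e.g. an `afterEach` that runs `delete Object.prototype.toString.property;`, keeps a regression confined to this test. The name 'always creates own property' would also be matched more directly by asserting `expect(Object.hasOwn(target, 'toString')).toBe(true);`. Only a plain-object path is covered; a second case where the next key is numeric would exercise the `is_array` branch that shares the same `exists` check.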