3 matches found
CVE-2026-26021
set-in provides the set value of nested associative structure given array of keys. A prototype pollution vulnerability exists in the the npm package set-in =2.0.1, 2.0.5. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input contained a forbidden key...
CVE-2026-26021
set-in provides the set value of nested associative structure given array of keys. A prototype pollution vulnerability exists in the the npm package set-in =2.0.1, 2.0.5. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input contained a forbidden key...
CVE-2026-26021
creationtimestamp| type| source ---|---|--- 2026-02-11 03:20:27+00:00| published-proof-of-concept| https://github.com/ahdinosaur/set-in/security/advisories/GHSA-2c4m-g7rx-63q7 2026-02-12 01:40:05+00:00| seen| https://gist.github.com/alon710/7fa9e24bf1f559b2a6524307fa25cc13 2026-02-14...