Lucene search
K

9 matches found

EUVD
EUVD
added 2 hours ago4 views

EUVD-2026-42599

A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely...

5.3CVSS5.6AI score
Exploits0References8
NVD
NVD
added 4 hours ago3 views

CVE-2026-15187

A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely...

5.3CVSS
Exploits0References7
CVE
CVE
added 6 hours ago5 views

CVE-2026-15187

The CVE-2026-15187 issue affects the enquirer package (versions up to 2.4.1) and specifically the Enquirer.set function. The root cause is a prototype pollution vulnerability caused by manipulating the argument name (question.name), allowing improper modification of object prototype attributes. I...

5.3CVSS5.6AI score
Exploits0References7
Cvelist
Cvelist
added 6 hours ago6 views

CVE-2026-15187 enquirer Public Package API Enquirer.set prototype pollution

A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely...

5.3CVSS
Exploits0References7
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-27129 Malicious code in nbc-enquirer (npm)

The package nbc-enquirer was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.7 views

Malicious code in nbc-enquirer (npm)

The package nbc-enquirer was found to contain malicious code...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/05 9:15 a.m.4 views

constructionenquirer.com Cross Site Scripting vulnerability OBB-3390800

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/05/06 6:11 p.m.4 views

@digiwano/enquirer-experiments (>=0.0.1 <=0.0.3), firepit (=0.0.1) +1 more potentially affected by CVE-2020-7716 via deeps (=1.4.5)

deeps NPM version =1.4.5 is affected by a known vulnerability. The following packages have a transitive dependency on deeps and may be impacted: - @digiwano/enquirer-experiments =0.0.1, =0.0.3 - firepit =0.0.1 - rnfb-cli =1.0.0 Source cves: CVE-2020-7716 Source advisory: OSV:GHSA-RGFV-V3JH-7FFP...

9.8CVSS7.2AI score0.01916EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/08/14 9:36 a.m.5 views

@digiwano/enquirer-experiments (>=0.0.1 <=0.0.3), firepit (=0.0.1) +1 more potentially affected by CVE-2020-7716 via deeps (=1.4.5)

deeps NPM version =1.4.5 is affected by a known vulnerability. The following packages have a transitive dependency on deeps and may be impacted: - @digiwano/enquirer-experiments =0.0.1, =0.0.3 - firepit =0.0.1 - rnfb-cli =1.0.0 Source cves: CVE-2020-7716 Source advisory: SNYK:JS-DEEPS-598667...

9.8CVSS7.2AI score0.01916EPSS
Exploits1
Rows per page
Query Builder