CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

vulnersOsv•added 2025/11/14 6:31 p.m.•3 views

10minions-engine (>=0.0.1 <=0.0.4), 3ui (>=0.1.0 <=0.1.8) +1043 more potentially affected by CVE-2025-13204 via expr-eval (>=0.12.0 <=2.0.2)

expr-eval NPM version =0.12.0, =0.0.1, =0.1.0, =1.0.2, =1.2.0, =1.0.0, =0.0.9, =0.0.1, =0.1.4, =0.0.11, =0.0.1, =0.0.0, =0.0.1 - @alphalang-ai/alphalang =0.0.1-alpha and more Source cves: CVE-2025-13204 Source advisory: OSV:GHSA-8GW3-RXH4-V6JX...

7.3CVSS5.8AI score0.00056EPSS

Exploits1

OSV•added 2025/11/14 5:16 p.m.•1 views

CVE-2025-13204

npm package expr-eval is vulnerable to Prototype Pollution. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary code execution. The npm expr-eval-fork package resolves this issue...

7.3CVSS6AI score0.00056EPSS

Exploits1References7

Cvelist•added 2025/11/14 5:2 p.m.•7 views

CVE-2025-13204 CVE-2025-13204

0.00056EPSS

Exploits1References7

CERT•added 2025/11/07 12:0 a.m.•5 views

Vulnerability in expr-eval JavaScript library can lead to arbitrary code execution

Overview The npm package expr-eval is a JavaScript library that evaluates mathematical expressions and is used in various applications, including NLP and AI. A vulnerability in this library has been disclosed that could allow arbitrary code execution by an attacker using maliciously crafted input...

9.8CVSS7.8AI score0.00074EPSS

Exploits1References6

vulnersOsv•added 2025/11/05 3:30 a.m.•4 views

10minions-engine (>=0.0.1 <=0.0.4), 3ui (>=0.1.0 <=0.1.8) +1043 more potentially affected by CVE-2025-12735 via expr-eval (>=0.12.0 <=2.0.2)

9.8CVSS7.3AI score0.00074EPSS

Exploits0

vulnersOsv•added 2025/09/18 1:2 p.m.•4 views

10minions-engine (>=0.0.1 <=0.0.4), 3ui (>=0.1.0 <=0.1.8) +1043 more potentially affected by CVE-2025-13204 via expr-eval (>=0.12.0 <=2.0.2)

7.3CVSS5.8AI score0.00056EPSS

Exploits1

Rows per page