CNNVD-202602-1809 Information
Feb 11, 2026
cve
CNNVD ID
CNNVD-202602-1809
Related CVE
- CNNVD Published: 2026-02-11
Description (Chinese)
set-in是Mikey个人开发者的一个JavaScript库。 set-in 2.0.1至2.0.5之前版本存在安全漏洞,该漏洞源于对用户输入检查不足,可能导致通过特制输入污染Object.prototype的原型污染攻击。
Description (English)
Set-in is a JavaScript library of Mikey’s personal developer. There is a safety loophole in the pre-set-in 2.0.1 to 2.0.5 version, which arises from inadequate user input checks, which may result in a prototype pollution attack by special input that contaminates Object.prototype.
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-02-11
Last Modified
2026-02-24
References
https://github.com/ahdinosaur/set-in/commit/b8e1dabfdbd35c8d604b6324e01d03f280256c3d https://github.com/ahdinosaur/set-in/security/advisories/GHSA-2c4m-g7rx-63q7
Patch
https://www.npmjs.com/package/set-in
Share on: