No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 09 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report. | |
| Title | enquirer Public Package API Enquirer.set prototype pollution | |
| First Time appeared |
Enquirer
Enquirer enquirer |
|
| Weaknesses | CWE-1321 CWE-94 |
|
| CPEs | cpe:2.3:a:enquirer:enquirer:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Enquirer
Enquirer enquirer |
|
| References |
| |
| Metrics |
cvssV2_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-09T16:07:24.338Z
Reserved: 2026-07-09T05:14:13.888Z
Link: CVE-2026-15187
Updated: 2026-07-09T16:07:21.919Z
No data.
No data.
OpenCVE Enrichment
No data.