Set-in_project Set-in

3 CVEs affecting Set-in_project Set-in. Latest disclosed: 2026-02-11. Critical: 2, High: 1.

Top CVEs affecting Set-in_project Set-in
CVESeverityScorePublishedSummary
CVE-2026-26021Critical9.82026-02-11set-in provides the set value of nested associative structure given array of keys. A prototype pollution vulnerability exists in the the npm package set-in (>=…
CVE-2020-28273Critical9.82020-12-02Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution.
CVE-2022-25354High8.62022-03-17The package set-in before 2.0.3 are vulnerable to Prototype Pollution via the setIn method, as it allows an attacker to merge object prototypes into it. **Note…