Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-r3kv-qx7u-wff1
Vulnerability ID VCID-r3kv-qx7u-wff1
Aliases CVE-2024-57072
GHSA-q5j8-9m9g-x2jh
Summary
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2024-57072
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2024-57072
cvssv3.1 7.5 https://gist.github.com/tariqhawis/8b1fe301dd1ea52952cef347daddee67
generic_textual HIGH https://gist.github.com/tariqhawis/8b1fe301dd1ea52952cef347daddee67
cvssv3.1 7.5 https://github.com/exuanbo/module-from-string
generic_textual HIGH https://github.com/exuanbo/module-from-string
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2024-57072
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2024-57072
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-57072
https://gist.github.com/tariqhawis/8b1fe301dd1ea52952cef347daddee67
https://github.com/exuanbo/module-from-string
https://nvd.nist.gov/vuln/detail/CVE-2024-57072
GHSA-q5j8-9m9g-x2jh https://github.com/advisories/GHSA-q5j8-9m9g-x2jh
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://gist.github.com/tariqhawis/8b1fe301dd1ea52952cef347daddee67
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/exuanbo/module-from-string
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-57072
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.21497
EPSS Score 0.0007
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-12T02:29:13.882407+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0