CVE-2026-0821

Medium CVSS: 6.9

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue.

Vendor

Quickjs-ng

Product

Quickjs

CWE

CWE-119

Yayın Tarihi

2026-01-10 13:15:49

Güncelleme

2026-02-23 09:16:38

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Quickjs MEDIUM Quickjs-ng 2026

Referanslar

https://github.com/quickjs-ng/quickjs/ https://github.com/quickjs-ng/quickjs/commit/c5d80831e51e48a83eab16ea867be87f091783c5 https://github.com/quickjs-ng/quickjs/issues/1296 https://github.com/quickjs-ng/quickjs/issues/1296#issue-3780003395 https://github.com/quickjs-ng/quickjs/pull/1299 https://vuldb.com/?ctiid.340355 https://vuldb.com/?id.340355 https://vuldb.com/?submit.731780

Benzer Kayıtlar

Medium

CVE-2026-1145

A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function js_typed_array_…

Medium

CVE-2026-1144

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c o…

Medium

CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort o…

Medium

CVE-2025-46688

quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer…

Medium

CVE-2024-13903

A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulne…