CVE-2026-0822

Medium CVSS: 5.3

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The identifier of the patch is 53eefbcd695165a3bd8c584813b472cb4a69fbf5. To fix this issue, it is recommended to deploy a patch.

Vendor

Quickjs-ng

Product

Quickjs

CWE

CWE-119

Yayın Tarihi

2026-01-10 14:15:50

Güncelleme

2026-02-23 09:16:38

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Quickjs MEDIUM Quickjs-ng 2026

Referanslar

https://github.com/quickjs-ng/quickjs/ https://github.com/quickjs-ng/quickjs/commit/53eefbcd695165a3bd8c584813b472cb4a69fbf5 https://github.com/quickjs-ng/quickjs/issues/1297 https://github.com/quickjs-ng/quickjs/issues/1297#issue-3780006202 https://github.com/quickjs-ng/quickjs/pull/1298 https://vuldb.com/?ctiid.340356 https://vuldb.com/?id.340356 https://vuldb.com/?submit.731783

Benzer Kayıtlar

Medium

CVE-2026-1145

A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function js_typed_array_…

Medium

CVE-2026-1144

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c o…

Medium

CVE-2026-0821

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_arra…

Medium

CVE-2025-46688

quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer…

Medium

CVE-2024-13903

A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulne…