CVE-2026-1979

Medium CVSS: 4.8

A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This patch is called e50f15c1c6e131fa7934355eb02b8173b13df415. It is advisable to implement a patch to correct this issue.

Vendor

Mruby

Product

Mruby

CWE

CWE-119

Yayın Tarihi

2026-02-06 05:16:12

Güncelleme

2026-02-28 00:33:39

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Mruby MEDIUM Mruby 2026

Referanslar

https://github.com/mruby/mruby/ https://github.com/mruby/mruby/issues/6701 https://github.com/mruby/mruby/issues/6701#issue-3802609843 https://github.com/sysfce2/mruby/commit/e50f15c1c6e131fa7934355eb02b8173b13df415 https://vuldb.com/?ctiid.344501 https://vuldb.com/?id.344501 https://vuldb.com/?submit.743377

Benzer Kayıtlar

Medium

CVE-2025-13120

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/ar…

Medium

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems…

Medium

CVE-2025-7207

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope…