CVE-2026-2869

Medium CVSS: 4.8

A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability is the function janetc_varset of the file src/core/specials.c of the component handleattr Handler. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. Upgrading to version 1.41.0 addresses this issue. The identifier of the patch is 2fabc80151a2b8834ee59cda8a70453f848b40e5. The affected component should be upgraded.

Vendor

Janet-lang

Product

Janet

CWE

CWE-119

Yayın Tarihi

2026-02-21 15:15:58

Güncelleme

2026-02-26 02:46:40

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Janet MEDIUM Janet-lang 2026

Referanslar

https://github.com/janet-lang/janet/ https://github.com/janet-lang/janet/commit/2fabc80151a2b8834ee59cda8a70453f848b40e5 https://github.com/janet-lang/janet/issues/1699 https://github.com/janet-lang/janet/releases/tag/v1.41.0 https://github.com/oneafter/0123/blob/main/ja1/repro https://vuldb.com/?ctiid.347106 https://vuldb.com/?id.347106 https://vuldb.com/?submit.754589

Benzer Kayıtlar

Medium

CVE-2026-2241

A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function os_strftime of the file src/core/o…

Medium

CVE-2026-2242

A vulnerability was determined in janet-lang janet up to 1.40.1. This impacts the function janetc_if of the file src/cor…

Medium

CVE-2026-2240

A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the function janetc_pop_funcdef…