CVE-2026-29078 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Lexbor is a web browser engine library. Prior to 2.7.0, the ISO‑2022‑JP encoder in Lexbor fails to reset the temporary size variable between iterations. The sta…
High CVSS: 8.2

CVE-2026-29078

Lexbor is a web browser engine library. Prior to 2.7.0, the ISO‑2022‑JP encoder in Lexbor fails to reset the temporary size variable between iterations. The statement ctx->buffer_used -= size with a stale size = 3 causes an integer underflow that wraps to SIZE_MAX. Afterwards, memcpy is called with a negative length, leading to an out‑of‑bounds read from the stack and an out‑of‑bounds write to the heap. The source data is partially controllable via the contents of the DOM tree. This vulnerability is fixed in 2.7.0.
Vendor
Lexbor
Product
Lexbor
CWE
CWE-191
Yayın Tarihi
2026-03-13 19:54:32
Güncelleme
2026-03-18 20:28:10
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-191 Lexbor HIGH Lexbor 2026

Referanslar

https://github.com/lexbor/lexbor/security/advisories/GHSA-mrwr-xh7f-96v3