CVE-2026-3979 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation causes us…
Medium CVSS: 4.8

CVE-2026-3979

A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name: daab4ad4bae4ef071ed0294618d6244e92def4cd. Applying a patch is the recommended action to fix this issue.
Vendor
-
Product
-
CWE
CWE-119
Yayın Tarihi
2026-03-12 04:16:40
Güncelleme
2026-03-12 21:07:53
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-119 MEDIUM 2026

Referanslar

https://github.com/quickjs-ng/quickjs/ https://github.com/quickjs-ng/quickjs/commit/daab4ad4bae4ef071ed0294618d6244e92def4cd https://github.com/quickjs-ng/quickjs/issues/1368 https://github.com/quickjs-ng/quickjs/issues/1368#issue-4004680962 https://github.com/quickjs-ng/quickjs/pull/1370 https://vuldb.com/?ctiid.350414 https://vuldb.com/?id.350414 https://vuldb.com/?submit.769600