216.73.217.64

CVE-2026-0821

· Published 10/01/2026 13:15 · Modified 10/01/2026 13:15

Labels: CVE-2026-0821 2026-01-10CVE-2026-0821CWE-119[email protected]

Essential information

Published
10/01/2026 13:15
Modified
10/01/2026 13:15
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
quickjs-ng / quickjs cpe:2.3:a:quickjs-ng:quickjs:<0.11.0:*:*:*:*:*:*:*

References