EUVD-2026-11519

🗓️ 12 Mar 2026 06:31:36Reported by EUVDType

Flaw in QuickJS-NG up to 0.12.1 allows use-after-free in js_iterator_concat_return; local access required; patch recommended (daab4ad4bae4ef071ed0294618d6244e92def4cd).

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2026-3979	12 Mar 202603:16	–	circl
CNNVD	QuickJS 资源管理错误漏洞	12 Mar 202600:00	–	cnnvd
CVE	CVE-2026-3979	12 Mar 202603:32	–	cve
Cvelist	CVE-2026-3979 quickjs-ng quickjs quickjs.c js_iterator_concat_return use after free	12 Mar 202603:32	–	cvelist
Debian CVE	CVE-2026-3979	12 Mar 202603:32	–	debiancve
NVD	CVE-2026-3979	12 Mar 202604:16	–	nvd
OSV	UBUNTU-CVE-2026-3979	12 Mar 202604:16	–	osv
Positive Technologies	PT-2026-24918	12 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-3979	12 Mar 202612:35	–	redhatcve
UbuntuCve	CVE-2026-3979	12 Mar 202600:00	–	ubuntucve

[
  {
    "enisaIdVendor": [
      {
        "id": "5643031e-182c-3604-b88c-eb6f571111b2",
        "vendor": {
          "name": "quickjs-ng"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "bd1735d6-f77f-3b0a-907f-b48e9f775c16",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.12.0"
      },
      {
        "id": "eb927994-35de-383f-8df9-fa3b15a60240",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.12.1"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/quickjs-ng/quickjs/issues/1368
github	www.github.com/quickjs-ng/quickjs/pull/1370
github	www.github.com/quickjs-ng/quickjs/issues/1368
github	www.github.com/quickjs-ng/quickjs/commit/daab4ad4bae4ef071ed0294618d6244e92def4cd
github	www.github.com/quickjs-ng/quickjs/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-3979

12 Mar 2026 06:31Current

5.4Medium risk

Vulners AI Score5.4

CVSS 44.8

CVSS 24.3

CVSS 3.15.3

CVSS 35.3

EPSS0.00019

SSVC