EUVD-2026-1846

🗓️ 10 Jan 2026 13:32:08Reported by EUVDType

Heap overflow in quickjs-ng js_typed_array_sort up to 0.11.0; remote exploit possible; patch 53eefbcd695165a3bd8c584813b472cb4a69fbf5 recommended.

Reporter	Title	Published	Views	Family All 14
AlpineLinux	CVE-2026-0822	10 Jan 202613:32	–	alpinelinux
Circl	CVE-2026-0822	10 Jan 202615:00	–	circl
CNNVD	QuickJS 安全漏洞	10 Jan 202600:00	–	cnnvd
CVE	CVE-2026-0822	10 Jan 202613:32	–	cve
Cvelist	CVE-2026-0822 quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow	10 Jan 202613:32	–	cvelist
Debian CVE	CVE-2026-0822	10 Jan 202613:32	–	debiancve
NVD	CVE-2026-0822	10 Jan 202614:15	–	nvd
OSV	DEBIAN-CVE-2026-0822	10 Jan 202614:15	–	osv
OSV	UBUNTU-CVE-2026-0822	10 Jan 202614:15	–	osv
Positive Technologies	PT-2026-2028	10 Jan 202600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "fad69b30-7cfb-3135-aec3-3417890b57ed",
        "vendor": {
          "name": "quickjs-ng"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "06f01764-36f0-3e57-886d-a8772889c729",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.3"
      },
      {
        "id": "0ce2162f-3b67-3387-8314-84279b099e7e",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.6"
      },
      {
        "id": "24b7325b-a853-3d31-846e-16e07adcdb60",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.5"
      },
      {
        "id": "436fca0f-1667-36a2-b520-ac6ecc56f16a",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.4"
      },
      {
        "id": "8dd1cc79-514a-3664-b216-a7620cd02c42",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.10"
      },
      {
        "id": "957be4e6-86ca-3fa1-9084-fe33c6b5e2a7",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.1"
      },
      {
        "id": "c06d51e2-1811-3509-ab21-3167718eddcf",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.8"
      },
      {
        "id": "cdb5806a-9892-399d-9965-c2b9d971f47f",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.9"
      },
      {
        "id": "d2b68cf2-f985-3cd2-9c7e-1456d4d86bac",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.11.0"
      },
      {
        "id": "d8c90877-a70d-35bb-b461-fc8d7cea6bca",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.2"
      },
      {
        "id": "f3beaca9-ab19-327c-a3d9-7d8e7ac5d1ef",
        "product": {
          "name": "QuickJS"
        },
        "product_version": "0.7"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-0822
github	www.github.com/quickjs-ng/quickjs/issues/1297
github	www.github.com/quickjs-ng/quickjs/issues/1297
github	www.github.com/quickjs-ng/quickjs/pull/1298
github	www.github.com/quickjs-ng/quickjs/commit/53eefbcd695165a3bd8c584813b472cb4a69fbf5
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

10 Jan 2026 13:32Current

6.4Medium risk

Vulners AI Score6.4

CVSS 45.3

CVSS 3.16.3

CVSS 27.5

CVSS 36.3

EPSS0.00081