4310 matches found
LiquidJS: memoryLimit Bypass through Negative Range Values Leads to Process Crash
Summary LiquidJS's memoryLimit security mechanism can be completely bypassed by using reverse range expressions e.g., 100000000..1, allowing an attacker to allocate unlimited memory. Combined with a string flattening operation e.g., replace filter, this causes a V8 Fatal error that crashes the...
CVE-2026-4716
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component...
CVE-2026-4702
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...
CVE-2026-4701
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...
CVE-2026-4698
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...
SUSE CVE-2026-4698
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4701
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4702
JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4716
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4723
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...
CVE-2026-4723
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...
Linux Distros Unpatched Vulnerability : CVE-2026-4702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
PT-2026-28162
Name of the Vulnerable Software and Affected Versions LiquidJS versions prior to 10.25.1 Description LiquidJS’s memoryLimit security feature can be bypassed using reverse range expressions e.g., 100000000..1, allowing an attacker to allocate unlimited memory. When combined with a string flattenin...
Linux Distros Unpatched Vulnerability : CVE-2026-4698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149,...
Linux Distros Unpatched Vulnerability : CVE-2026-4701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
EUVD-2026-14861
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 149...
EUVD-2026-14819
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...
EUVD-2026-14821
JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...
EUVD-2026-14813
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox 149, Firefox ESR 115.34, and Firefox ESR 140.9...
EUVD-2026-14848
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...