CVE-2026-47375

CVE-2026-47375 (NocoDB) : A Postgres-backed deployment is vulnerable to authenticated SQL injection through the ARRAYSORT formula when a user with columnAdd permission supplies a malicious second argument. The issue arises because the attacker-controlled value is embedded into a knex.raw ORDER BY...

OESA-2026-2178 musl security update

musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...

CVE-2026-0822

A flaw was found in quickjs-ng. A remote attacker could exploit a heap-based buffer overflow vulnerability by manipulating the jstypedarraysort function in quickjs.c. This could lead to information disclosure, denial of service, or potentially arbitrary code execution. An exploit for this...

DEBIAN-CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

UBUNTU-CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822 quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822 quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

EUVD-2026-1846

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

CVE-2026-0822

CVE-2026-0822 affects quickjs-ng quickjs up to 0.11.0. The issue targets the js_typed_array_sort function in quickjs.c, causing a heap-based buffer overflow. It is remotely exploitable and exploits are publicly available. Patch reference: 53eefbcd695165a3bd8c584813b472cb4a69fbf5. Remediation: app...

QuickJS 安全漏洞

QuickJS is a small and embeddable Javascript engine from QuickJS open source. A security vulnerability exists in QuickJS 0.11.0 and earlier versions, which is caused by a heap buffer overflow in the function jstypedarraysort in the file quickjs.c, which could lead to the execution of arbitrary co...

PT-2026-2028

Name of the Vulnerable Software and Affected Versions quickjs-ng versions up to 0.11.0 Description A flaw exists in quickjs-ng quickjs that could lead to a heap-based buffer overflow. This issue is located in the js typed array sort function within the quickjs.c file. Remote exploitation is...

mruby array.c sort_cmp use after free

...

CVE-2025-13120

Summary : CVE-2025-13120 affects mruby up to 3.4.0, specifically the sort_cmp function in src/array.c, causing a use-after-free condition. Exploitation requires local access. A public patch is available (commit eb398971bfb43c38db3e04528b68ac9a7ce509bc). If CVE is relevant to you, apply the offici...

CVE-2025-13120 mruby array.c sort_cmp use after free

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

CVE-2023-31908

Jerryscript 3.0 commit 05dbbd1 was discovered to contain a heap-buffer-overflow via the component ecmabuiltintypedarrayprototypesort...