CVE-2026-22686

The CVE-2026-22686 issue affects enclave-vm prior to version 2.7.0. A sandbox escape exists when a tool invocation fails and a host-side Error object is leaked into the sandbox, allowing traversal of the host realm prototype chain to reach the host Function constructor. This enables arbitrary cod...

PT-2026-2792

Name of the Vulnerable Software and Affected Versions Enclave versions prior to 2.7.0 Description Enclave is a secure JavaScript sandbox used for safe AI agent code execution. A critical sandbox escape issue exists in enclave-vm, allowing untrusted JavaScript code to execute arbitrary code in the...

CVE-2026-0821

A flaw was found in quickjs-ng. A remote attacker can exploit a heap-based buffer overflow vulnerability in the jstypedarrayconstructor function of the quickjs.c file by executing a specially crafted manipulation. This vulnerability may lead to information disclosure, denial of service, or...

CVE-2026-0821

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function jstypedarrayconstructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2026-0821 quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function jstypedarrayconstructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2026-0821

The CVE-2026-0821 issue affects quickjs-ng/quickjs up to 0.11.0, specifically the js_typed_array_constructor in quickjs.c. The vulnerability enables a heap-based buffer overflow and can be exploited remotely. A publicly disclosed exploit exists. A patch is available (hash: c5d80831e51e48a83eab16e...

CVE-2026-0821

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function jstypedarrayconstructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2026-0821 quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function jstypedarrayconstructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed a...

EUVD-2026-1843

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function jstypedarrayconstructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed a...

QuickJS 安全漏洞

QuickJS is QuickJS open source a small and embeddable Javascript engine . A security vulnerability exists in QuickJS 0.11.0 and earlier versions, which is caused by a heap buffer overflow in the function jstypedarrayconstructor in the file quickjs.c, which could lead to the execution of arbitrary...

PT-2026-2027

Name of the Vulnerable Software and Affected Versions quickjs-ng versions up to 0.11.0 Description A flaw exists in quickjs-ng up to version 0.11.0 due to a heap-based buffer overflow in the js typed array constructor function within the quickjs.c file. This issue can be triggered remotely throug...

CVE-2021-41110

cwlviewer is a web application to view and share Common Workflow Language workflows. Versions prior to 1.3.1 contain a Deserialization of Untrusted Data vulnerability. Commit number f6066f09edb70033a2ce80200e9fa9e70a5c29de dated 2021-09-30 contains a patch. There are no available workarounds asid...

Security Bulletin: Data Binding Validation Bypass in Spring Framework, affects watsonx.data

Summary There are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: 6.2.0 - 6.2.6 6.1.0 - 6.1.19 6.0.0 - 6.0.27 5.3.0 - 5.3.42 Older, unsupported versions are also affected Mitigation Users of affected versions should...

PT-2026-2084

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 exhibit Undefined Behavior in the...

Mozilla Thunderbird ESR < 17.0.6

The version of Thunderbird ESR installed on the remote Windows host is prior to 17.0.6. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-42 advisory. - Call content level constructor as if from a chrome/privileged pageCVE-2013-1670 CVE-2013-1670 Note that Nessus has not...

PT-2025-49862

🧵 6/15: The Exploit simplified: The vulnerability CVE-2024-555182 lies in the deserialization process. React wasn't verifying if a requested key actually existed on the object during this process. This allows an attacker to sneak in a request for the constructor of a function...

Exploit for CVE-2025-55182

CVE-2025-55182 some notes template: py !/usr/bin/env py...

OSV-2025-965 Stack-use-after-scope in Assimp::FBX::FBXExportProperty::FBXExportProperty

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=465494996 Crash type: Stack-use-after-scope READ 1 Crash state: Assimp::FBX::FBXExportProperty::FBXExportProperty Assimp::FBX::FBXExportProperty std::1::vectorAssimp::FBX::FBXExportProperty, Assimp::FBXExporter::WriteObjects...

CVE-2025-10702

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

VulnCheck KEV: CVE-2025-55346

User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request...