CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/02/20 10:20 a.m.•4 views

Exploits0

CVE-2026-2739

A flaw was found in bn.js. When calling the maskn0 function on a BN instance, there is potential for this action to corrupt the internal state of the library, causing critical methods such as toString and divmod to enter an infinite loop. The primary consequence is a Denial of Service DoS, where...

6.9CVSS5.6AI score0.00467EPSS

Exploits0References9

Github Security Blog•added 2026/02/20 6:30 a.m.•15 views

bn.js affected by an infinite loop

This affects versions of the package bn.js before 4.12.3 and 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...

6.9CVSS5.3AI score0.00467EPSS

Exploits0References10Affected Software1

OSV•added 2026/02/20 6:30 a.m.•1 views

GHSA-378V-28HJ-76WF bn.js affected by an infinite loop

6.9CVSS5.9AI score0.00467EPSS

Exploits0References10

OSV•added 2026/02/20 5:17 a.m.•5 views

CVE-2026-2739

This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...

6.9CVSS5.5AI score

OSV•added 2026/02/20 5:17 a.m.•4 views

DEBIAN-CVE-2026-2739

6.9CVSS5.3AI score0.00467EPSS

Exploits0References1

OSV•added 2026/02/20 5:17 a.m.•7 views

UBUNTU-CVE-2026-2739

UbuntuCve•added 2026/02/20 5:17 a.m.•6 views

Exploits0References8

CVE-2026-2739

6.9CVSS5.9AI score0.00467EPSS

Exploits0References7

Debian CVE•added 2026/02/20 5:0 a.m.•4 views

CVE-2026-2739

6.9CVSS5.2AI score0.00467EPSS

Exploits0

CVE•added 2026/02/20 5:0 a.m.•29 views

CVE-2026-2739

CVE-2026-2739 affects bn.js versions before 5.2.3. Calling maskn(0) on any BN instance corrupts internal state, causing toString(), divmod(), and related methods to enter an infinite loop and hang the process. The Snyk/NVD/CVE listings confirm the impact and provide examples; the recommended reme...

Vulnrichment•added 2026/02/20 5:0 a.m.•3 views

CVE-2026-2739

ATTACKERKB•added 2026/02/20 5:0 a.m.•6 views

CVE-2026-2739

Cvelist•added 2026/02/20 5:0 a.m.•28 views

Exploits0References7

CVE-2026-2739

6.9CVSS0.00467EPSS

CNNVD•added 2026/02/20 12:0 a.m.•9 views

bn.js 安全漏洞

bn.js is a large number processing library developed by Fedor Indutny. Versions of bn.js prior to 5.2.3 contained security vulnerabilities. These vulnerabilities stemmed from calling maskn0 on any BN instance, which could corrupt internal state. This allowed methods like toString and divmod to...

Positive Technologies•added 2026/02/20 12:0 a.m.•5 views

PT-2026-20998

Name of the Vulnerable Software and Affected Versions bn.js versions prior to 5.2.3 Description The bn.js package is susceptible to a state corruption issue. Calling the maskn0 function on any BN instance corrupts the internal state. This corruption causes methods like toString, divmod, and other...

8.7CVSS5.2AI score0.00519EPSS

Exploits1References207

Tenable Nessus•added 2026/02/20 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-2739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other...

Snyk•added 2026/02/08 3:1 p.m.•1 views

Exploits0References4

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely. PoC javascript const BN = require'bn.js'; // any...