Security Bulletin: Local Out-of-Bounds Write Vulnerability in mruby ary_fill_exec Function (v3.4.0), affects watsonx.data

Summary A local vulnerability in mruby v3.4.0 allows out-of-bounds writes via the aryfillexec function when manipulating the start or length arguments. Exploits are publicly available, and applying the patch 93619f06dd378db6766666b30c08978311c7ec94 is recommended. This can affect watsonx.data...

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

SUSE CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

UBUNTU-CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979

CVE-2026-1979 affects mruby up to version 3.4.0. The issue arises in the function mrb_vm_exec within the file src/vm.c of the component described as the JMPNOT-to-JMPIF Optimization . Exploitation can lead to a use-after-free condition and requires local access to the target environment. The vuln...

CVE-2026-1979 mruby JMPNOT-to-JMPIF Optimization vm.c mrb_vm_exec use after free

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

EUVD-2026-5583

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979 mruby JMPNOT-to-JMPIF Optimization vm.c mrb_vm_exec use after free

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

PT-2026-6673

Name of the Vulnerable Software and Affected Versions mruby versions up to 3.4.0 Description A flaw exists in mruby up to version 3.4.0 related to the JMPNOT-to-JMPIF Optimization component. The issue resides within the mrb vm exec function in the src/vm.c file and can lead to a use-after-free...

mruby 资源管理错误漏洞

MRuby is a lightweight implementation of the Ruby language, developed by Makesoftwaresafe as open source. Versions of MRuby 3.4.0 and earlier contain a resource management vulnerability. This vulnerability stems from a flaw in the mrbvmexec function in the src/vm.c file within the JMPNOT-to-JMPIF...

Linux Distros Unpatched Vulnerability : CVE-2026-1979

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a...

CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...

CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OPENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber...

CVE-2022-0481

NULL Pointer Dereference in Homebrew mruby prior to 3.2...

CVE-2022-0717

Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2...

CVE-2022-0326

NULL Pointer Dereference in Homebrew mruby prior to 3.2...