CVE-2026-37630

A flaw was found in QuickJS-NG. An attacker can exploit an issue within the jsmappedargumentsmark function to execute arbitrary code. This vulnerability allows for unauthorized code execution, potentially leading to a complete compromise of the affected system...

EUVD-2026-29291

An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the jsmappedargumentsmark function...

PT-2026-39832

An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the js mapped arguments mark function...

CVE-2026-37630

The connected sources confirm a vulnerability in QuickJS-NG v0.12.1 that allows an attacker to execute arbitrary code via the js_mapped_arguments_mark function. Impact per metrics is CVSS v3.1 base score 7.3 (HIGH), with network attack vector, low complexity, no privileges required, and no user i...

CVE-2026-37630

An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the jsmappedargumentsmark function...

CVE-2026-37630

An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the jsmappedargumentsmark function...

CVE-2026-37630

An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the jsmappedargumentsmark function...

CVE-2026-3979

A flaw was found in quickjs-ng. A local attacker could exploit a use-after-free vulnerability by manipulating the jsiteratorconcatreturn function. This could potentially lead to information disclosure, denial of service, or limited arbitrary code execution...

EUVD-2026-11519

A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function jsiteratorconcatreturn of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:...

CVE-2026-3979 quickjs-ng quickjs quickjs.c js_iterator_concat_return use after free

A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function jsiteratorconcatreturn of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:...

CVE-2026-3979

A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function jsiteratorconcatreturn of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:...

GHSA-XX7M-69FF-9CRP SurrealDB vulnerable to Denial of Service through scripting function memory edge case

In SurrealDB instances with the scripting capability enabled --allow-scripting, users with the ability to run arbitrary queries can trigger a server crash due to a memory-safety bug in the underlying JS engine. The SurrealDB instance terminates instantly, requiring a manual restart. The query...

SurrealDB vulnerable to Denial of Service through scripting function memory edge case

In SurrealDB instances with the scripting capability enabled --allow-scripting, users with the ability to run arbitrary queries can trigger a server crash due to a memory-safety bug in the underlying JS engine. The SurrealDB instance terminates instantly, requiring a manual restart. The query...

Linux Distros Unpatched Vulnerability : CVE-2026-1145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function jstypedarrayconstructorta of the file quickjs.c. This...

SUSE CVE-2026-1144

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is...

CVE-2026-1144

A flaw was found in quickjs-ng. A remote attacker could exploit a use-after-free vulnerability within the Atomics Ops Handler component, specifically in the quickjs.c file. This manipulation could lead to arbitrary code execution, information disclosure, or a denial of service. The exploit for th...

CVE-2026-1144

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is...

CVE-2026-1144

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is...

UBUNTU-CVE-2026-1144

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is...

CVE-2026-1145

A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function jstypedarrayconstructorta of the file quickjs.c. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may ...