VYPR
High severity7.3NVD Advisory· Published Jan 10, 2026· Updated Apr 29, 2026

CVE-2026-0821

CVE-2026-0821

Description

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:quickjs-ng:quickjs:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:quickjs-ng:quickjs:*:*:*:*:*:*:*:*range: <=0.11.0
    • (no CPE)range: <=0.11.0

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.