Unrated severityNVD Advisory· Published Feb 21, 2026· Updated Feb 24, 2026

ASN.1 TypeScript Library: Decoding an INTEGER could leak the underlying ArrayBuffer

CVE-2026-27452

Description

ASN.1 TypeScript ESM library, including codecs for Basic Encoding Rules (BER) and Distinguished Encoding Rules (DER). In versions 11.0.5 and below, in some cases, decoding an INTEGER could leak the underlying ArrayBuffer. This issue is expected to be fixed in version 11.0.6.

Affected products

ASN.1 TypeScript/ASN.1 TypeScriptllm-create
Range: <=11.0.5
Jonathanwilbur/Asn1 Tsv5
Range: <= 11.0.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/JonathanWilbur/asn1-ts/security/advisories/GHSA-h5rw-vxjr-8q79mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000