{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0821", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-01-09T18:24:17.150Z", "datePublished": "2026-01-10T13:02:07.698Z", "dateUpdated": "2026-01-12T14:36:51.911Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-01-10T13:02:07.698Z"}, "title": "quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-122", "lang": "en", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "quickjs-ng", "product": "quickjs", "versions": [{"version": "0.1", "status": "affected"}, {"version": "0.2", "status": "affected"}, {"version": "0.3", "status": "affected"}, {"version": "0.4", "status": "affected"}, {"version": "0.5", "status": "affected"}, {"version": "0.6", "status": "affected"}, {"version": "0.7", "status": "affected"}, {"version": "0.8", "status": "affected"}, {"version": "0.9", "status": "affected"}, {"version": "0.10", "status": "affected"}, {"version": "0.11.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-01-09T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-01-09T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-01-09T19:29:41.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "mcsky23 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.340355", "name": "VDB-340355 | quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.340355", "name": "VDB-340355 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.731780", "name": "Submit #731780 | quickjs-ng quickjs v0.11.0 Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/quickjs-ng/quickjs/issues/1296", "tags": ["issue-tracking"]}, {"url": "https://github.com/quickjs-ng/quickjs/pull/1299", "tags": ["issue-tracking"]}, {"url": "https://github.com/quickjs-ng/quickjs/issues/1296#issue-3780003395", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/quickjs-ng/quickjs/commit/c5d80831e51e48a83eab16ea867be87f091783c5", "tags": ["patch"]}], "tags": ["x_open-source"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-12T14:36:45.372311Z", "id": "CVE-2026-0821", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-12T14:36:51.911Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-0821", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-12T14:36:45.372311Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-12T14:36:48.964Z"}}], "cna": {"tags": ["x_open-source"], "title": "quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "mcsky23 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "affected": [{"vendor": "quickjs-ng", "product": "quickjs", "versions": [{"status": "affected", "version": "0.1"}, {"status": "affected", "version": "0.2"}, {"status": "affected", "version": "0.3"}, {"status": "affected", "version": "0.4"}, {"status": "affected", "version": "0.5"}, {"status": "affected", "version": "0.6"}, {"status": "affected", "version": "0.7"}, {"status": "affected", "version": "0.8"}, {"status": "affected", "version": "0.9"}, {"status": "affected", "version": "0.10"}, {"status": "affected", "version": "0.11.0"}]}], "timeline": [{"lang": "en", "time": "2026-01-09T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-01-09T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-01-09T19:29:41.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.340355", "name": "VDB-340355 | quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.340355", "name": "VDB-340355 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.731780", "name": "Submit #731780 | quickjs-ng quickjs v0.11.0 Heap-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/quickjs-ng/quickjs/issues/1296", "tags": ["issue-tracking"]}, {"url": "https://github.com/quickjs-ng/quickjs/pull/1299", "tags": ["issue-tracking"]}, {"url": "https://github.com/quickjs-ng/quickjs/issues/1296#issue-3780003395", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/quickjs-ng/quickjs/commit/c5d80831e51e48a83eab16ea867be87f091783c5", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-01-10T13:02:07.698Z"}}}, "cveMetadata": {"cveId": "CVE-2026-0821", "state": "PUBLISHED", "dateUpdated": "2026-01-12T14:36:51.911Z", "dateReserved": "2026-01-09T18:24:17.150Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-01-10T13:02:07.698Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:quickjs-ng:quickjs:*:*:*:*:*:*:*:*", "matchCriteriaId": "99E7BDDC-5F85-4D2D-A0FE-87E837B594D3", "versionEndIncluding": "0.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue."}], "id": "CVE-2026-0821", "lastModified": "2026-01-15T22:22:36.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-01-10T13:15:49.040", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/quickjs-ng/quickjs/commit/c5d80831e51e48a83eab16ea867be87f091783c5"}, {"source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://github.com/quickjs-ng/quickjs/issues/1296"}, {"source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://github.com/quickjs-ng/quickjs/issues/1296#issue-3780003395"}, {"source": "[email protected]", "tags": ["Issue Tracking"], "url": "https://github.com/quickjs-ng/quickjs/pull/1299"}, {"source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.340355"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.340355"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.731780"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-122"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "quickjs-ng: quickjs-ng: Heap-based buffer overflow in js_typed_array_constructor function", "id": "2428462", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428462"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "(CWE-119|CWE-122)", "details": ["A flaw was found in quickjs-ng. A remote attacker can exploit a heap-based buffer overflow vulnerability in the `js_typed_array_constructor` function of the `quickjs.c` file by executing a specially crafted manipulation. This vulnerability may lead to information disclosure, denial of service, or potentially arbitrary code execution."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-0821", "public_date": "2026-01-10T13:02:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-0821\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-0821\nhttps://github.com/quickjs-ng/quickjs/commit/c5d80831e51e48a83eab16ea867be87f091783c5\nhttps://github.com/quickjs-ng/quickjs/issues/1296\nhttps://github.com/quickjs-ng/quickjs/issues/1296#issue-3780003395\nhttps://github.com/quickjs-ng/quickjs/pull/1299\nhttps://vuldb.com/?ctiid.340355\nhttps://vuldb.com/?id.340355\nhttps://vuldb.com/?submit.731780"], "statement": "This vulnerability is rated Important for Red Hat. A heap-based buffer overflow in the `js_typed_array_constructor` function of quickjs-ng can be exploited by a remote attacker through specially crafted manipulation. This flaw may lead to information disclosure, denial of service, or arbitrary code execution. This affects components such as `radare2` in Community Projects (EPEL 8, 9, 10 and Fedora 42, 43).", "threat_severity": "Important"}

{"created": "2026-01-12T14:36:17.473382+00:00", "updated": "2026-01-12T14:36:17.473406+00:00", "vendors": ["quickjs-ng", "quickjs-ng$PRODUCT$quickjs"]}