quickjs — Vulnerabilities & Security Advisories 16

All 16 CVE vulnerabilities found in quickjs, with AI-generated Chinese analysis, references, and POCs.

Vendor: quickjs-ng

CVE ID	Title	CVSS	Severity	Published
CVE-2026-3979	quickjs-ng quickjs quickjs.c js_iterator_concat_return use after free CWE-416	5.3	Medium	2026-03-12
CVE-2026-1145	quickjs-ng quickjs quickjs.c js_typed_array_constructor_ta heap-based overflow CWE-122	6.3	Medium	2026-01-19
CVE-2026-1144	quickjs-ng quickjs Atomics Ops quickjs.c use after free CWE-416	6.3	Medium	2026-01-19
CVE-2026-0822	quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow CWE-122	6.3	Medium	2026-01-10
CVE-2026-0821	quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow CWE-122	7.3	High	2026-01-10
CVE-2025-12745	QuickJS quickjs.c js_array_buffer_slice buffer over-read CWE-126	5.3	Medium	2025-11-05
CVE-2025-62496	Integer overflow in js_bigint_from_string in QuickJS CWE-190	7.5^AI	High^AI	2025-10-16
CVE-2025-62495	Type confusion in string addition in QuickJS CWE-191	9.8^AI	Critical^AI	2025-10-16
CVE-2025-62494	Type confusion in string addition in QuickJS CWE-704	9.8^AI	Critical^AI	2025-10-16
CVE-2025-62493	Heap out-of-bounds read in js_bigint_to_string1 in QuickJS CWE-125	-	-^AI	2025-10-16
CVE-2025-62492	Heap out-of-bounds read in js_typed_array_indexOf in QuickJS CWE-125	5.9^AI	Medium^AI	2025-10-16
CVE-2025-62491	Use-after-free in js_std_promise_rejection_check in QuickJS CWE-416	9.1^AI	Critical^AI	2025-10-16
CVE-2025-62490	Use-after-free in js_print_object in QuickJS CWE-416	9.8^AI	Critical^AI	2025-10-16
CVE-2025-46687	QuickJS 安全漏洞 CWE-770	5.6	Medium	2025-04-27
CVE-2025-46688	QuickJS 安全漏洞 CWE-131	5.6	Medium	2025-04-27
CVE-2024-13903	quickjs-ng QuickJS qjs quickjs.c JS_GetRuntime stack-based overflow CWE-121	4.3	Medium	2025-03-21

All 16 known CVE vulnerabilities affecting quickjs with full Chinese analysis, references, and POCs where available.