CVE-2025-69653

Name of the Vulnerable Software and Affected Versions QuickJS versions prior to 2025-12-11

Description A specially crafted JavaScript input can cause an internal assertion failure within QuickJS. This occurs in the gc decref child function of the quickjs.c file when the QuickJS interpreter (qjs) is executed with the -m option. This results in an abnormal program termination (SIGABRT) during garbage collection, leading to a denial-of-service condition.

Recommendations Update to QuickJS version 2025-12-11 or later.