CVE-2026-1144

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions quickjs-ng quickjs versions up to 0.11.0

Description A use-after-free issue exists in quickjs-ng quickjs up to version 0.11.0. The problem is located in an unknown function within the quickjs.c file, specifically in the Atomics Ops Handler component. The issue can be triggered remotely, and an exploit is publicly available.

Recommendations Apply the patch ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141 to resolve this issue.

Exploit

Fix

Buffer Overflow

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-416

Related Identifiers

CVE-2026-1144

Affected Products

Quickjs

CVE-2026-1144

Weakness Enumeration

Related Identifiers

Affected Products

References · 19