CVE-2026-2240

CVSS v3.1

6.1

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions janet-lang janet versions prior to 1.40.1

Description A flaw exists in the janet-lang programming language compiler, specifically within the janetc pop funcdef function located in the src/core/compile.c file. This issue allows for an out-of-bounds read when triggered locally. The exploit for this issue has been publicly disclosed.

Recommendations Apply the patch with identifier 4dd08a4cdef5b1c42d9a2c19fc24412e97ef51d5 to remediate this issue.

Exploit

Fix

Buffer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-125

Related Identifiers

CVE-2026-2240

Affected Products

Janet-Lang

CVE-2026-2240

Weakness Enumeration

Related Identifiers

Affected Products

References · 13