Vulnerability Database

Published: Jun 4, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-36857" target="_blank" rel="noopener"> CVE-2024-36857
GHSA: <a href="https://github.com/advisories/GHSA-5jqc-qj57-4hrc" target="_blank" rel="noopener"> GHSA-5jqc-qj57-4hrc
Severity: High
Exploit:

296,746

Total vulnerabilities in the database

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
homebrew / jan	0.4.12	0.4.12.x
@janhq / core	-	0.1.11.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.