Vulnerability Database
299,038
Total vulnerabilities in the database
CVE-2025-46688
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
| Software | From | Fixed in |
|---|---|---|
| quickjs-ng / quickjs | - | 0.9.0.x |
| quickjs_project / quickjs | - | 2025-04-26 |
- https://bellard.org/quickjs/Changelog
- https://github.com/bellard/quickjs/commit/1eb05e44fad89daafa8ee3eb74b8520b4a37ec9a
- https://github.com/bellard/quickjs/issues/399
- https://github.com/quickjs-ng/quickjs/commit/28fa43d3ddff2c1ba91b6e3a788b2d7ba82d1465
- https://github.com/quickjs-ng/quickjs/issues/1018
- https://github.com/quickjs-ng/quickjs/pull/1020
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime