Every CVE whose affected-product data names Quickjs-ng Quickjs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-0821 — CVSS 7.3 (high): A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of…
CVE-2026-0822 — CVSS 6.3 (medium): A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file…
CVE-2026-1144 — CVSS 6.3 (medium): A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component…
CVE-2026-1145 — CVSS 6.3 (medium): A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function js_typed_array_constructor_ta of…
CVE-2025-46687 — CVSS 5.6 (medium): quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before…
CVE-2025-46688 — CVSS 5.6 (medium): quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS…
CVE-2024-13903 — CVSS 4.3 (medium): A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulnerability is the…