CVE-2026-10267
Gravedad CVSS v4.0:
BAJA
Tipo:
CWE-119
Restricción de operaciones inapropiada dentro de los límites del búfer de la memoria
Fecha de publicación:
01/06/2026
Última modificación:
01/06/2026
Descripción
*** Pendiente de traducción *** A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may be used for attacks. The patch is named ed17dd2c5913a23fb1107251e44a9410a3c30cf5.
Impacto
Puntuación base 4.0
1.90
Gravedad 4.0
BAJA
Puntuación base 3.x
3.30
Gravedad 3.x
BAJA
Puntuación base 2.0
1.70
Gravedad 2.0
BAJA
Referencias a soluciones, herramientas e información
- https://github.com/biniamf/pocs/tree/main/janet-debug-janet-doframe-env-data-oobread
- https://github.com/janet-lang/janet/
- https://github.com/janet-lang/janet/commit/ed17dd2c5913a23fb1107251e44a9410a3c30cf5
- https://github.com/janet-lang/janet/issues/1743
- https://github.com/janet-lang/janet/issues/1743#issuecomment-4322129448
- https://vuldb.com/cve/CVE-2026-10267
- https://vuldb.com/submit/825072
- https://vuldb.com/vuln/367546
- https://vuldb.com/vuln/367546/cti