CVE-2026-10268

LOW SEVERITY

CVSS Score & Metrics

Base Score

3.3 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L                                    

Vulnerability Description

A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file src/core/marsh.c. Executing a manipulation can lead to integer overflow. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be used for attacks. This patch is called d9b1d711ea1fde52ac73a82088b512a3e17bad0d. A patch should be applied to remediate this issue.

Vulnerability Details

Published Date

June 01, 2026

Last Modified

June 01, 2026

CWE ID

CWE-189

Source

NVD

Vendor

janet-lang

Product

janet

External References

https://github.com/biniamf/pocs/tree/main/janet-marsh-unmarshal-intovf
https://github.com/janet-lang/janet/
https://github.com/janet-lang/janet/commit/d9b1d711ea1fde52ac73a82088b512a3e17bad0d
https://github.com/janet-lang/janet/issues/1744
https://vuldb.com/cve/CVE-2026-10268
https://vuldb.com/submit/825075
https://vuldb.com/vuln/367547
https://vuldb.com/vuln/367547/cti

CVE-2026-10268

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment