SonicJS through 0.6.0 allows file overwrite. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Memory Corruption
Buffer Overflow
Sonicjs
NVD
GitHub
CVSS 3.1
9.1
EPSS
1.1%