CVE-2025-70347
MEDIUMSeverity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c.
AnalysisAI
An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c. [CVSS 5.5 MEDIUM]
Technical ContextAI
Classified as CWE-400 (Uncontrolled Resource Consumption). Affects mquickjs. An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c.
Affected ProductsAI
Product: mquickjs.
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today