Janet CVE-2026-10268

EUVD-2026-33681 · LOW
Integer Overflow or Wraparound (CWE-190)
2026-06-01 · VulDB · GHSA-gqw4-cq8m-g989
CVSS 4.0 score: 1.9 (NVD)

Severity by source

NVD PRIMARY
1.9 LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline (3 events)

CVSS changed: Jun 01, 2026 - 17:22 (NVD), 3.3 (LOW) to 1.9 (LOW)
Source Code Evidence Fetched: Jun 01, 2026 - 17:20 (vuln.today)
Analysis Generated: Jun 01, 2026 - 17:20 (vuln.today)

Description (CVE.org)

A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file src/core/marsh.c. Executing a manipulation can lead to integer overflow. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be used for attacks. This patch is called d9b1d711ea1fde52ac73a82088b512a3e17bad0d. A patch should be applied to remediate this issue.

Analysis (AI)

Integer overflow in the Janet scripting language's fiber unmarshaling routine (versions up to 1.41.0) allows a local authenticated attacker to cause a denial-of-service condition. The vulnerable function unmarshal_one_fiber in src/core/marsh.c performs an unchecked addition when computing fiber stack capacity: if fiber_stacktop is near INT32_MAX, adding 10 wraps the value, resulting in a dangerously small capacity allocation that crashes the interpreter. …
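
The wraparound described above, as an added example that is not Janet's source code or the upstream patch: a simplified C model of the capacity computation next to a checked version. The function names and the STACK_SLACK constant are assumptions made for this illustration, and the sample values are constructed.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical name for the "adding 10" described in the analysis. */
#define STACK_SLACK 10

/* Models the unchecked addition. Signed overflow is undefined behaviour in C,
 * so the wrap is reproduced with unsigned arithmetic to keep this example
 * well defined on two's-complement targets. */
static int32_t capacity_unchecked(int32_t stacktop) {
    return (int32_t)((uint32_t)stacktop + (uint32_t)STACK_SLACK);
}

/* Checked form: validate the untrusted value before adding.
 * Returns 0 and writes *out on success, -1 if the input is rejected. */
static int capacity_checked(int32_t stacktop, int32_t *out) {
    if (stacktop < 0 || stacktop > INT32_MAX - STACK_SLACK)
        return -1;
    *out = stacktop + STACK_SLACK;
    return 0;
}

int main(void) {
    /* Constructed sample values, not taken from a real marshaled fiber. */
    const int32_t samples[] = {0, 64, INT32_MAX - 10, INT32_MAX - 9, INT32_MAX};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int32_t cap = 0;
        int rc = capacity_checked(samples[i], &cap);
        printf("stacktop=%" PRId32 " unchecked=%" PRId32 " checked=",
               samples[i], capacity_unchecked(samples[i]));
        if (rc == 0)
            printf("%" PRId32 "\n", cap);
        else
            printf("rejected\n");
    }
    return 0;
}
```

The boundary is INT32_MAX - 10: that value is the largest the checked form accepts, and every larger input is rejected instead of producing a negative capacity.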

Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

Access: Obtain local low-privileged account
Delivery: Craft fiber payload with fiber_stacktop near INT32_MAX
Exploit: Submit marshaled data to Janet interpreter
Execution: Trigger unmarshal_one_fiber integer overflow
Persist: Corrupt fiber capacity value
Impact: Crash interpreter process (DoS)

Vulnerability Assessment (AI)

Exploitation: The attacker must have local access to the host and a low-privileged account (confirmed by CVSS PR:L). …
Risk Assessment: The CVSS 3.1 base score of 3.3 (Low) is consistent with the attack surface: AV:L (local host only), AC:L (no special conditions), PR:L (requires a low-privileged local account), UI:N, with impact confined to availability (A:L) and no confidentiality or integrity exposure. …
Exploit Scenario: A local attacker with a low-privileged account on a system running Janet crafts a malicious serialized fiber payload in which the `fiber_stacktop` field is set to a value near INT32_MAX. When the Janet interpreter calls `unmarshal_one_fiber` to deserialize this data, the unchecked addition overflows, assigning an invalid (very small) capacity to the fiber's stack buffer. …
Remediation: Apply upstream patch commit d9b1d711ea1fde52ac73a82088b512a3e17bad0d from the Janet GitHub repository (https://github.com/janet-lang/janet/commit/d9b1d711ea1fde52ac73a82088b512a3e17bad0d). …