Jansi
Monthly
Heap corruption in fusesource Jansi's JNI native layer exposes Java applications to denial-of-service through application crashes. The JNI wrapper around the ioctl() system call omits array-size bounds checking before passing the argument array into native heap memory, enabling a heap buffer overflow condition reachable by any local actor who can influence that code path. No fix will be released - the project is confirmed unmaintained at the time CVE-2026-8484 was assigned, and all known versions carry this defect. No public exploit code or active KEV-confirmed exploitation has been identified at time of analysis.
Heap corruption in fusesource Jansi's JNI native layer exposes Java applications to denial-of-service through application crashes. The JNI wrapper around the ioctl() system call omits array-size bounds checking before passing the argument array into native heap memory, enabling a heap buffer overflow condition reachable by any local actor who can influence that code path. No fix will be released - the project is confirmed unmaintained at the time CVE-2026-8484 was assigned, and all known versions carry this defect. No public exploit code or active KEV-confirmed exploitation has been identified at time of analysis.