CVE-2025-69653

Published: Mar 6, 2026

Modified: Mar 12, 2026

PUBLISHED

Description

A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort (SIGABRT) during garbage collection and causes a denial-of-service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/bellard/quickjs/issues/467

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-69653

Description

Affected Products

References