Heap buffer overflow in Jansi_CVE-2026-8484

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Description

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS).
All versions are believed to be vulnerable. This project is unmaintained at the time of CVE assignment.

Basic Information

ID CVE-2026-8484

Source CERT-PL

Published Jun 16, 2026 at 10:32

Affected Product

Vendor FuseSource

Product jansi

Affected Versions FuseSource jansi 0

CWE Classification

CWE-122

References

{
    "lastseen": "",
    "description": "A heap buffer overflow vulnerability exists in the Jansi JNI \"ioctl()\" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS).\nAll versions are believed to be vulnerable.\u00a0This project is unmaintained at the time of CVE assignment.",
    "published": "2026-06-16T10:32:14.198Z",
    "modified": "2026-06-16T10:32:14.198Z",
    "type": "cve",
    "title": "Heap buffer overflow in Jansi",
    "source": "CERT-PL",
    "references": "https://cert.pl/en/posts/2026/06/CVE-2026-8484\nhttps://github.com/fusesource/jansi/tree/master",
    "id": "CVE-2026-8484",
    "bulletinFamily": "",
    "cwe": [
        "CWE-122"
    ],
    "cvelist": null,
    "sourceData": "FuseSource jansi 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "jansi",
    "version": "0",
    "vendor": "FuseSource",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}