CVE-2025-69654
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-69654
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 (2025-12-11),`qjs` interpreter using the `-m` option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JS_FreeRuntime (list_empty(&rt->gc_obj_list)) during runtime cleanup. Although the engine reports an OOM error, it subsequently aborts with SIGABRT because the GC object list is not fully released. This results in a denial of service.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
QuickJS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
QuickJS是QuickJS开源的一个小型且可嵌入的 Javascript 引擎。 QuickJS 2025-09-13版本存在安全漏洞,该漏洞源于低内存限制下处理特制JavaScript输入时内存释放不当,可能导致内存耗尽和运行时清理断言失败,造成拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-69654
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-69654
请登录查看更多情报信息。
Same Patch Batch · n/a · 2026-03-06 · 10 CVEs total
| CVE-2025-70363 | Ibexa eZ Platform 安全漏洞 | |
| CVE-2025-69645 | GNU Binutils objdump 安全漏洞 | |
| CVE-2025-69651 | GNU Binutils readelf 安全漏洞 | |
| CVE-2025-69649 | GNU Binutils readelf 安全漏洞 | |
| CVE-2025-69644 | GNU BinUtils 安全漏洞 | |
| CVE-2025-69646 | GNU Binutils objdump 安全漏洞 | |
| CVE-2025-69650 | GNU Binutils readelf 安全漏洞 | |
| CVE-2025-69653 | QuickJS 安全漏洞 | |
| CVE-2025-69652 | GNU Binutils readelf 安全漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8731
Open5GS NRF client.c ogs_sbi_client_add denial of service - CVE-2026-8730
Open5GS NRF context.c ogs_sbi_nf_instance_set_id denial of s - CVE-2026-8729
Open5GS NRF message.c denial of service - CVE-2026-8728
Open5GS NRF conv.c ogs_sbi_discovery_option_parse_plmn_list - CVE-2026-8724
Dataease Data Dashboard SqlparserUtils.java SqlparserUtils.t
V. Comments for CVE-2025-69654
No comments yet