Browse all 7 CVE security advisories affecting QuickJS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
QuickJS is a lightweight JavaScript engine designed for embedding in applications and running JavaScript code in resource-constrained environments. Historically, it has been vulnerable to memory corruption issues, including use-after-free and buffer overflow flaws, which have led to several remote code execution vulnerabilities. Cross-site scripting (XSS) vulnerabilities have also been identified due to improper input sanitization. While no major public security incidents have been widely reported, the 7 CVEs on record highlight ongoing concerns around memory safety and input validation. Its small codebase reduces attack surface compared to larger engines, but developers must remain vigilant about memory management and sandboxing when implementing QuickJS in security-sensitive contexts.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62496 | Integer overflow in js_bigint_from_string in QuickJS — QuickJSCWE-190 | 7.5AI | HighAI | 2025-10-16 |
| CVE-2025-62495 | Type confusion in string addition in QuickJS — QuickJSCWE-191 | 9.8AI | CriticalAI | 2025-10-16 |
| CVE-2025-62494 | Type confusion in string addition in QuickJS — QuickJSCWE-704 | 9.8AI | CriticalAI | 2025-10-16 |
| CVE-2025-62493 | Heap out-of-bounds read in js_bigint_to_string1 in QuickJS — QuickJSCWE-125 | - | -AI | 2025-10-16 |
| CVE-2025-62492 | Heap out-of-bounds read in js_typed_array_indexOf in QuickJS — QuickJSCWE-125 | 5.9AI | MediumAI | 2025-10-16 |
| CVE-2025-62491 | Use-after-free in js_std_promise_rejection_check in QuickJS — QuickJSCWE-416 | 9.1AI | CriticalAI | 2025-10-16 |
| CVE-2025-62490 | Use-after-free in js_print_object in QuickJS — QuickJSCWE-416 | 9.8AI | CriticalAI | 2025-10-16 |
This page lists every published CVE security advisory associated with QuickJS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.