Browse all 4 CVE security advisories affecting janet-lang. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Janet-lang is a programming language designed for scripting and extension development, commonly used in embedded systems and automation tools. Historically, it has been associated with vulnerabilities including remote code execution (RCE) due to unsafe eval practices, cross-site scripting (XSS) from improper input handling, and privilege escalation through flawed permission checks. The language's minimal design has occasionally led to insufficient sandboxing in implementations. While no major public security incidents have been documented, the four CVEs recorded highlight recurring issues around input validation and memory safety, particularly in third-party package ecosystems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-2869 | janet-lang janet handleattr specials.c janetc_varset out-of-bounds — janetCWE-125 | 3.3 | Low | 2026-02-21 |
| CVE-2026-2242 | janet-lang janet specials.c janetc_if out-of-bounds — janetCWE-125 | 3.3 | Low | 2026-02-09 |
| CVE-2026-2241 | janet-lang janet os.c os_strftime out-of-bounds — janetCWE-125 | 3.3 | Low | 2026-02-09 |
| CVE-2026-2240 | janet-lang janet compile.c janetc_pop_funcdef out-of-bounds — janetCWE-125 | 3.3 | Low | 2026-02-09 |
This page lists every published CVE security advisory associated with janet-lang. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.