What is GHSA-mmcx-pc5f-m5m4?

GHSA-mmcx-pc5f-m5m4 is a security advisory published by GitHub Security Advisories with Low severity. A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function...

Which CVE IDs does GHSA-mmcx-pc5f-m5m4 cover?

GHSA-mmcx-pc5f-m5m4 covers the following CVE IDs: CVE-2026-10267. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-mmcx-pc5f-m5m4?

GHSA-mmcx-pc5f-m5m4 has a CVSS v3 base score of 3.3, published by GitHub Security Advisories.

GHSA-mmcx-pc5f-m5m4LowCVSS 3.3

A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function...

Vendor

GitHub Security Advisories

Published

June 1, 2026

Last Modified

June 1, 2026

🔗 CVE IDs covered (1)

CVE-2026-10267 →

📋 Description

A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may be used for attacks. The patch is named ed17dd2c5913a23fb1107251e44a9410a3c30cf5.

🔗 References (11)

https://nvd.nist.gov/vuln/detail/CVE-2026-10267
https://github.com/janet-lang/janet/issues/1743
https://github.com/janet-lang/janet/issues/1743#issuecomment-4322129448
https://github.com/janet-lang/janet/commit/ed17dd2c5913a23fb1107251e44a9410a3c30cf5
https://github.com/biniamf/pocs/tree/main/janet-debug-janet-doframe-env-data-oobread
https://github.com/janet-lang/janet
https://vuldb.com/cve/CVE-2026-10267
https://vuldb.com/submit/825072
https://vuldb.com/vuln/367546
https://vuldb.com/vuln/367546/cti
https://github.com/advisories/GHSA-mmcx-pc5f-m5m4