MeldSecurity
Press Enter to search
CVE Database & Search β†’
Sign In Get Started

CVE-2026-1979

🟑 MEDIUM

A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after fre...

Published
Feb 06, 2026
Last Modified
Feb 06, 2026
Views
5
Bookmarks
0

Description

Request Expert Review

A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This patch is called e50f15c1c6e131fa7934355eb02b8173b13df415. It is advisable to implement a patch to correct this issue.

CVSS Scores

CVSS 3.1 5.3
5.3
MEDIUM
CVSS 2.0 5.3

References

github.com github.com github.com github.com vuldb.com vuldb.com vuldb.com

Additional Information

Source
cna@vuldb.com
State
Received

Related CVEs

CVE-2026-1990

LOW

A security vulnerability has been detected in oatpp up to 1.3.1. This impacts the function oatpp::data::type::ObjectWrapper::ObjectWrapper of the file...

Score: 3.3

CVE-2026-1978

MEDIUM

A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of th...

Score: 5.3

CVE-2026-1977

MEDIUM

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vuln...

Score: 6.3

CVE-2025-15566

HIGH

A security issue was discovered in ingress-nginxΒ where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inje...

Score: 8.8

CVE-2026-1976

MEDIUM

A weakness has been identified in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes...

Score: 5.3

CVE-2026-1975

MEDIUM

A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulatio...

Score: 5.3

Share CVE-2026-1979

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2026-1979 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis