CVE Catalog

CVE-2026-8484

MediumCVSS 4.8
Published: Updated: Translated: NVD NIST

Summary

CVE-2026-8484 describes a heap buffer overflow vulnerability in the Jansi JNI 'ioctl()' wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS).

Risk Assessment

Organizations may experience application crashes, leading to service availability interruptions. All versions are believed to be vulnerable, and the project is currently unmaintained.

Recommendation

It is recommended to avoid using the vulnerable version of Jansi and consider migrating to another actively supported solution.

Original NVD description (English source)

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at the time of CVE assignment.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS