CVE-2026-8484
MediumCVSS 4.8Summary
CVE-2026-8484 describes a heap buffer overflow vulnerability in the Jansi JNI 'ioctl()' wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS).
Risk Assessment
Organizations may experience application crashes, leading to service availability interruptions. All versions are believed to be vulnerable, and the project is currently unmaintained.
Recommendation
It is recommended to avoid using the vulnerable version of Jansi and consider migrating to another actively supported solution.
Original NVD description (English source)
A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at the time of CVE assignment.

