CVE-2026-1979 | mruby up to 3.4.0 JMPNOT-to-JMPIF Optimization src/vm.c mrb_vm_exec use after free (Issue 6701)

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability, which was classified as critical, was found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free.

This vulnerability is registered as CVE-2026-1979. The attack needs to be launched locally. Furthermore, an exploit is available.

It is advisable to implement a patch to correct this issue.

CVE-2026-1979 | mruby up to 3.4.0 JMPNOT-to-JMPIF Optimization src/vm.c mrb_vm_exec use after free (Issue 6701)

Post correlati

CVE-2024-28776 | IBM Cognos Controller/Controller Web UI cross site scripting

CVE-2025-20647 | MediaTek MT8798 NR12A/NR13/NR15/NR16 Modem null pointer dereference (MSV-2721 / MOLY00791311)

CVE-2023-48326 | Pixelite Events Manager Plugin up to 6.4.5 on WordPress cross site scripting

CVE-2024-6264 | Post Meta Data Manager Plugin up to 1.2.3 on WordPress cross site scripting