CVE-2026-24819
Unknown Unknown - Not Provided
Improper Memory Allocation Vulnerability in weixin4j Components

Publication date: 2026-01-27

Last updated on: 2026-01-27

Assigner: Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)

Description
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-27
Last Modified
2026-01-27
Generated
2026-06-16
AI Q&A
2026-01-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-24819
EUVD
EUVD-2026-4799
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
foxinmy weixin4j *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1325 The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit the total amount of memory that is consumed by all of the combined objects.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in foxinmy weixin4j involves improperly controlled sequential memory allocation within certain utility modules. It relates to how memory is allocated sequentially without proper controls, which can lead to potential security issues in the affected program files CharArrayBuffer.Java and ClassUtil.Java.

Impact Analysis

The vulnerability could lead to security risks such as unauthorized memory access or manipulation, potentially causing application instability or exploitation by attackers. This may result in compromised application behavior or data integrity issues.

Mitigation Strategies

To mitigate this vulnerability, update the weixin4j library to the latest version where the issue has been addressed. The fix involves proper permission handling when accessing the thread context ClassLoader, including handling security exceptions and implementing fallback behavior. Applying this update will ensure secure and consistent operation in environments with restrictive security policies. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24819. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart