CVE-2026-10268
Deferred Deferred - Pending Action
Integer Overflow in Janet Language up to 1.41.0

Publication date: 2026-06-01

Last updated on: 2026-06-01

Assigner: VulDB

Description
A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file src/core/marsh.c. Executing a manipulation can lead to integer overflow. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be used for attacks. This patch is called d9b1d711ea1fde52ac73a82088b512a3e17bad0d. A patch should be applied to remediate this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-01
Last Modified
2026-06-01
Generated
2026-06-22
AI Q&A
2026-06-01
EPSS Evaluated
2026-06-20
NVD
CVE-2026-10268
EUVD
EUVD-2026-33681
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
janet-lang janet 1.41.0
janet-lang janet to 1.41.0 (exc)
janet-lang janet to 1.41.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-189
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-10268 is a signed integer overflow vulnerability in the Janet programming language, specifically in the function unmarshal_one_fiber within the file src/core/marsh.c. The vulnerability occurs during the deserialization of fiber data, where the fiber's capacity is calculated by adding 10 to a value (fiber_stacktop) read from attacker-controlled serialized data. If fiber_stacktop is set to the maximum 32-bit integer value (INT32_MAX), this addition causes an integer overflow.

On 64-bit systems, this overflow leads to an extremely large allocation request, causing an out-of-memory (OOM) crash and resulting in a denial-of-service (DoS). On 32-bit systems, the overflow wraps around to a small value, creating an undersized buffer that can be overflowed by subsequent writes, potentially leading to heap corruption and remote code execution (RCE).

The vulnerability can be exploited locally by providing malicious serialized data to the unmarshal function. A patch has been made to add bounds checking to prevent the stack capacity from exceeding INT32_MAX, thereby preventing the overflow.

Impact Analysis

This vulnerability can impact you by causing denial-of-service (DoS) or enabling remote code execution (RCE) depending on your system architecture.

  • On 64-bit systems, exploitation leads to an out-of-memory crash, causing a denial-of-service condition.
  • On 32-bit systems, exploitation can cause heap corruption due to buffer overflow, which may allow an attacker to execute arbitrary code remotely.

Since the vulnerability can be triggered by deserializing malicious data locally, it poses a risk to applications embedding or using Janet for scripting or automation.

Detection Guidance

This vulnerability involves a signed integer overflow during fiber deserialization in the Janet programming language, specifically in the unmarshal_one_fiber function in src/core/marsh.c. Detection can be performed by analyzing the deserialization process for malformed or malicious serialized data that triggers the overflow.

Sanitizers such as AddressSanitizer (ASan) and UndefinedBehaviorSanitizer (UBSan) can detect the overflow and invalid allocation size errors when running Janet with the vulnerable code and processing malicious input.

A proof-of-concept (PoC) file named poc_marsh_fiber_intovf.bin is publicly available and can be used to test if a system running Janet is vulnerable by attempting to deserialize this file.

No specific network commands are provided in the resources, but detection involves running the vulnerable Janet version with the PoC input under sanitizers or monitoring for crashes or abnormal memory allocation failures during deserialization.

Compliance Impact

The provided information does not include any details about the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

The primary mitigation step is to apply the patch identified by commit d9b1d711ea1fde52ac73a82088b512a3e17bad0d, which adds bounds checking to prevent the integer overflow in the unmarshal_one_fiber function.

Until the patch is applied, avoid deserializing untrusted or malicious data that could trigger the overflow.

Monitor for updates from the Janet project and upgrade to a fixed version once available.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-10268. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart