CVE-2025-70347

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-70347
An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/bellard/mquickjs/issues/56
Configurations

No configuration.

History

15 Apr 2026, 00:35

Type Values Removed Values Added
Summary
  • (es) Un problema en mquickjs anterior al commit 74b7e (15-01-2026) permite a un atacante local causar una denegación de servicio a través de un archivo especialmente diseñado a la función get_mblock_size en mquickjs.c.

18 Feb 2026, 21:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.0 		v2 : unknown
v3 : 5.5

10 Feb 2026, 20:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.0
CWE CWE-400

10 Feb 2026, 16:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-10 16:16

Updated : 2026-04-15 00:35

NVD link : CVE-2025-70347

Mitre link : CVE-2025-70347

CVE.ORG link : CVE-2025-70347

JSON object : View

Products Affected

No product.

CWE
CWE-400

Uncontrolled Resource Consumption