CVE-2026-2739
6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Summary
This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | bn.js | 0 < 5.2.3 | affected |
Weaknesses
- CWE-835: Infinite loop
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
References
- https://security.snyk.io/vuln/SNYK-JS-BNJS-15274301
- https://github.com/indutny/bn.js/issues/316
- https://github.com/indutny/bn.js/issues/186
- https://gist.github.com/Kr0emer/02370d18328c28b5dd7f9ac880d22a91
- https://github.com/indutny/bn.js/pull/317
- https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.