CVE-2026-2739

5.5 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.

References

Affected packages

Git / github.com/indutny/bn.js

Affected ranges

Type: GIT
Repo: https://github.com/indutny/bn.js
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

ea6c072a951493ca99e5cd5f8da3851b90116271

Affected versions

v0.*

v0.1.0

v0.1.1

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.10.0

v0.10.1

v0.11.0

v0.11.1

v0.11.2

v0.11.3

v0.11.4

v0.11.5

v0.11.6

v0.11.7

v0.12.0

v0.13.0

v0.13.1

v0.13.2

v0.13.3

v0.14.0

v0.14.1

v0.14.2

v0.15.0

v0.15.1

v0.15.2

v0.16.0

v0.16.1

v0.2.0

v0.2.1

v0.2.2

v0.3.0

v0.3.1

v0.4.0

v0.4.1

v0.4.2

v0.4.3

v0.4.4

v0.5.0

v0.5.1

v0.5.2

v0.5.3

v0.5.4

v0.6.0

v0.7.0

v0.7.1

v0.8.0

v0.8.1

v0.9.0

v1.*

v1.0.0

v1.0.1

v1.1.0

v1.1.1

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.3.0

v2.*

v2.0.0

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.1.0

v2.2.0

v3.*

v3.0.0

v3.0.1

v3.1.0

v3.1.1

v3.1.2

v3.2.0

v3.3.0

v4.*

v4.0.0

v4.1.0

v4.1.1

v4.10.0

v4.10.1

v4.10.2

v4.10.3

v4.10.4

v4.10.5

v4.11.0

v4.11.1

v4.11.2

v4.11.3

v4.11.4

v4.11.5

v4.11.6

v4.11.7

v4.11.8

v4.2.0

v4.3.0

v4.4.0

v4.5.0

v4.5.1

v4.5.2

v4.6.0

v4.6.1

v4.6.2

v4.6.3

v4.6.4

v4.6.5

v4.6.6

v4.7.0

v4.8.0

v4.8.1

v4.9.0

v5.*

v5.0.0

v5.1.0

v5.1.1

v5.1.2

v5.1.3

v5.2.0

v5.2.1

v5.2.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-2739.json"