- Description
- LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for use by developers."
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
- CNA Tags
- disputed
CVSS 3.1
- Type
- Secondary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- cve@mitre.org
- CWE-820
- Hype score
- Not currently trending
#Vulnerability #browserengine Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154) https://t.co/ZJ0bAExB0o
@Komodosec
24 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154) https://t.co/j6IJHxCPH6
@Dinosn
2 May 2025
1493 Impressions
3 Retweets
11 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-47154 ⚠️🔴 CRITICAL (9) 🏢 Ladybird - Ladybird 🏗️ 0 🔗 https://t.co/mJYFLnqxW8 🔗 https://t.co/T9VRvbp15U 🔗 https://t.co/PUJ7cX4Hr6 #CyberCron #VulnAlert #InfoSec https://t.co/bfFWuNqmjN
@cybercronai
1 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-47154 LibJS in Ladybird through b8fa355 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to e… https://t.co/WyRQhXJAoG
@CVEnew
1 May 2025
118 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes