CVE-2026-2739

Vulnerability

CVE-2026-2739

bn.js: bn.js: Denial of Service via calling maskn(0)

ecosystem: redhat:8, redhat:9

A flaw was found in bn.js. Calling the `maskn(0)` function on a BN instance can corrupt the internal state of the library, causing critical methods such as `toString()` and `divmod()` to enter an infinite loop. The primary consequence is a Denial of Service (DoS), where the affected process hangs indefinitely.

References
severity: Moderate

type: vendor

source: secalert@redhat.com

CVSS 3.1: 5.3 MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AV: Network
AC: Low
PR: None
UI: None
S: Not Changed
C: None
I: None
A: Low

source: secalert@redhat.com

CWE: CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

source: secalert@redhat.com

published: 2026-02-20 05:00:08

modified: 2026-02-20 10:51:51

Detection

redhat:8
CVE-2026-2739

redhat-vex

OR

grafana (package type: binary, type: version): unfixed, Fix deferred
grafana-azure-monitor (package type: binary, type: version): unfixed, Fix deferred
grafana-cloudwatch (package type: binary, type: version): unfixed, Fix deferred
grafana-elasticsearch (package type: binary, type: version): unfixed, Fix deferred
grafana-graphite (package type: binary, type: version): unfixed, Fix deferred
grafana-influxdb (package type: binary, type: version): unfixed, Fix deferred
grafana-loki (package type: binary, type: version): unfixed, Fix deferred
grafana-mssql (package type: binary, type: version): unfixed, Fix deferred
grafana-mysql (package type: binary, type: version): unfixed, Fix deferred
grafana-opentsdb (package type: binary, type: version): unfixed, Fix deferred
grafana-postgres (package type: binary, type: version): unfixed, Fix deferred
grafana-prometheus (package type: binary, type: version): unfixed, Fix deferred
grafana-selinux (package type: binary, type: version): unfixed, Fix deferred
grafana-stackdriver (package type: binary, type: version): unfixed, Fix deferred
mozjs60 (package type: binary, type: version): unfixed, Fix deferred
mozjs60-devel (package type: binary, type: version): unfixed, Fix deferred
pcs (package type: binary, type: version): unfixed, Fix deferred
pcs-snmp (package type: binary, type: version): unfixed, Fix deferred
grafana (package type: source, type: version): unfixed, Fix deferred
mozjs60 (package type: source, type: version): unfixed, Fix deferred
pcs (package type: source, type: version): unfixed, Fix deferred

tag: rhel-8-including-unpatched:f7502e9f-4a8d-8230-a221-b5844416d0cc

redhat:9
CVE-2026-2739

redhat-vex

OR

gjs-devel (package type: binary, type: version): unfixed, Fix deferred
pcs (package type: binary, type: version): unfixed, Fix deferred
pcs-snmp (package type: binary, type: version): unfixed, Fix deferred
polkit-devel (package type: binary, type: version): unfixed, Fix deferred
polkit-docs (package type: binary, type: version): unfixed, Fix deferred
polkit-libs (package type: binary, type: version): unfixed, Fix deferred
gjs (package type: source, type: version): unfixed, Fix deferred
pcs (package type: source, type: version): unfixed, Fix deferred
polkit (package type: source, type: version): unfixed, Fix deferred

tag: rhel-9-including-unpatched:dbad6d44-2e28-d986-7417-25b7fc6a505e

Data Sources

  • RedHat Enterprise Linux CSAF VEX

    redhat-vex
