CVE-2025-62494 | QuickJS 0.9.0/3b45d15 JS_ToPrimitiveFree type conversion

October 16, 2025 Yanac

A vulnerability classified as critical has been found in QuickJS 0.9.0/3b45d15. Impacted is the function JS_ToPrimitiveFree. The manipulation leads to incorrect type conversion.

This vulnerability is uniquely identified as CVE-2025-62494. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-62492 | QuickJS 0.9.0/3b45d15 TypedArray.prototype.indexOf out-of-bounds
CVE-2025-61539 | Ultimate PHP Board 2.2.7 lostpassword.php u_name cross site scripting