Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

thin-vec

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-6654
Assigner-Mozilla Corporation
ShareView Details
Assigner-Mozilla Corporation
CVSS Score-5.1||MEDIUM
EPSS-Not Assigned
Published-20 Apr, 2026 | 10:05
Updated-20 Apr, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-After-Free and Double-Free in IntoIter::drop when element drop panics

Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clear` functions in the thin_vec crate. A panic in `ptr::drop_in_place` skips setting the length to zero.

Action-Not Available
Vendor-Mozilla Corporation
Product-thin-vec
CWE ID-CWE-415
Double Free
CWE ID-CWE-416
Use After Free