CVE-2025-65570

9.8 CRITICAL

📋 TL;DR

A type confusion vulnerability in jsish 2.0 allows incorrect control flow during execution of the OP_NEXT opcode. When an 'instanceof' expression uses array element access inside a for-in loop, the implementation leaves an extra array reference on the stack, causing OP_NEXT to misinterpret it as an iterator object and potentially read function pointers from invalid memory structures. This affects systems running vulnerable versions of jsish, potentially leading to crashes or remote code execution.

💻 Affected Systems

Products:
  • jsish
Versions: jsish 2.0
Operating Systems: All platforms where jsish runs
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using jsish 2.0 with JavaScript code containing the specific pattern described is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with full system compromise, allowing attackers to execute arbitrary code with the privileges of the jsish process.

🟠 Likely Case

Application crash leading to denial of service, with potential for memory corruption that could be leveraged for code execution depending on heap layout.

🟢 If Mitigated

Application crash with no code execution if exploit attempts fail due to heap randomization or other mitigations.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires specific JavaScript code patterns but can be triggered remotely if jsish processes untrusted input. The writeup provides technical details that could facilitate weaponization.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

Check for official patches from jsish maintainers. If unavailable, consider upgrading to a newer version if one exists, or apply workarounds.

🔧 Temporary Workarounds

Input Validation (applies to: all)

Validate and sanitize all JavaScript input to prevent malicious patterns from reaching the jsish interpreter.

Sandbox Execution (applies to: all)

Run jsish in a sandboxed environment with limited privileges to contain potential exploitation.

🧯 If You Can't Patch

  • Isolate jsish instances from critical systems and network access
  • Implement strict input validation and filtering for JavaScript code processed by jsish

🔍 How to Verify

Check if Vulnerable:

Check if jsish version is 2.0. Review application code for patterns matching the vulnerability description.
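The code-review step above can be partly automated. The following is an added example, not code from this page or from the jsish project: a heuristic Python scanner that flags braced for-in loop bodies containing an instanceof whose left operand is an array element access, the pattern described in the TL;DR. SAMPLE_JS is a constructed input; it is a triage aid, not a JavaScript parser.

```python
import re

# Heuristic markers for the pattern CVE-2025-65570 describes:
#   a for-in loop whose body contains `something[index] instanceof X`.
FOR_IN_RE = re.compile(r'\bfor\s*\(\s*(?:var|let|const)?\s*[A-Za-z_$][\w$]*\s+in\b')
ELEM_INSTANCEOF_RE = re.compile(r'[A-Za-z_$][\w$]*\s*\[[^\]]*\]\s*instanceof\b')

def _match_close(src, open_idx, open_ch, close_ch):
    """Index of the bracket closing the one at open_idx, or -1 if unbalanced."""
    depth = 0
    for i in range(open_idx, len(src)):
        if src[i] == open_ch:
            depth += 1
        elif src[i] == close_ch:
            depth -= 1
            if depth == 0:
                return i
    return -1

def find_suspicious_for_in(src):
    """Return [(line_no, snippet)] for each element-access instanceof inside a braced
    for-in body. Unbraced single-statement bodies and comments are not handled."""
    findings = []
    for m in FOR_IN_RE.finditer(src):
        paren = src.find('(', m.start())
        close = _match_close(src, paren, '(', ')')
        if close == -1:
            continue
        brace = src.find('{', close)
        # Anything other than whitespace between ')' and '{' means the loop
        # body is a single statement rather than a block; skip it.
        if brace == -1 or src[close + 1:brace].strip():
            continue
        end = _match_close(src, brace, '{', '}')
        body = src[brace:end + 1] if end != -1 else src[brace:]
        for im in ELEM_INSTANCEOF_RE.finditer(body):
            line_no = src.count('\n', 0, brace + im.start()) + 1
            findings.append((line_no, im.group(0)))
    return findings

# Constructed sample: the first loop matches the described pattern, the second does not.
SAMPLE_JS = """var objs = [new Foo(), 1], count = 0;
for (var k in cfg) {
    if (objs[0] instanceof Foo) { count++; }
}
for (var j in cfg) {
    if (objs instanceof Array) { count++; }
}
"""
```

Run it over each script the application feeds to jsish and review every hit by hand; a hit is a candidate, not a confirmed trigger.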

Check Version:

jsish -v

Verify Fix Applied:

Verify jsish version has been updated beyond 2.0 or that workarounds are properly implemented.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected crashes of jsish processes
  • Memory access violation errors in system logs

Network Indicators:

  • Unusual network traffic to/from jsish processes

SIEM Query:

Process:jsish AND (EventID:1000 OR EventID:1001 OR Memory:AccessViolation)
