CVE-2026-2739 Blast Radius

MEDIUM • CVSS 5.3This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod()

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-2739.

Start Free Scan →← Back to CVE-2026-2739