Vulnerability in Facebook Hermes

CVE-2023-28081

A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable…

EPSS: 0.018 (83.3th percentile) — read the EPSS interpretation.