A vulnerability has been found in QuickJS-NG 0.12.1 and classified as critical . Affected is the function js_mapped_arguments_mark . This manipulation causes privilege escalation. This vulnerability is handled as CVE-2026-37630 . The attack can only be done within the local network. There is not any exploit available.