CVE-2026-24819: weixin4j has Improperly Controlled Sequential Memory Allocation

January 27, 2026 (updated January 28, 2026)

Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java.

This issue affects all versions of weixin4j. A path is available: d1c8258

References

github.com/advisories/GHSA-444m-px7r-qpvv
github.com/foxinmy/weixin4j
github.com/foxinmy/weixin4j/commit/d1c825835802cd3a0c04772be1220ff4476ea27c
github.com/foxinmy/weixin4j/pull/229
nvd.nist.gov/vuln/detail/CVE-2026-24819

Code Behaviors & Features

Detect and mitigate CVE-2026-24819 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →