3601 matches found
PT-2026-22509
A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wren compiler.c. Such manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed t...
PT-2026-22508
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren compiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...
CVE-2026-28207
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability CWE-78 in the Zen C compiler allows local attackers to execute arbitrary shell commands by providing a specially crafted output filename via the -o...
CVE-2026-28207
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability CWE-78 in the Zen C compiler allows local attackers to execute arbitrary shell commands by providing a specially crafted output filename via the -o...
CVE-2026-28207 Zen-C Vulnerable to Command Injection via Malicious Output Filename
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability CWE-78 in the Zen C compiler allows local attackers to execute arbitrary shell commands by providing a specially crafted output filename via the -o...
CVE-2026-28207 Zen-C Vulnerable to Command Injection via Malicious Output Filename
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability CWE-78 in the Zen C compiler allows local attackers to execute arbitrary shell commands by providing a specially crafted output filename via the -o...
Zen C 操作系统命令注入漏洞
Zen C is a modern system programming language developed by z-libs. Versions of Zen C prior to 0.4.2 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the compiler’s main application logic, where the system function was used to execute...
SUSE CVE-2026-2783
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
CVE-2026-2783
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
CVE-2026-2764
CVE-2026-2764 describes a JIT miscompilation leading to use-after-free in the JavaScript Engine: JIT component. Affected products/versions include Firefox < 148, Firefox ESR < 115.33, and Firefox ESR
CVE-2026-2858
A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...
CVE-2026-2858
The incident concerns CVE-2026-2858 affecting wren-lang Wren up to version 0.4.0. The vulnerability resides in the function peekChar within src/vm/wren_compiler.c of the Source File Parser, causing an out-of-bounds read. Exploitation is described as local, with a publicly available exploit. Multi...
CVE-2026-2858 wren-lang wren Source File wren_compiler.c peekChar out-of-bounds
A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...
wren 缓冲区错误漏洞
Wren is a concurrent scripting language developed by Wren OpenSource. Versions of Wren 0.4.0 and earlier contained a buffer error vulnerability, which stemmed from an out-of-bounds read in the peekChar function found in the src/vm/wrencompiler.c file...
PT-2026-21304
Name of the Vulnerable Software and Affected Versions wren-lang wren versions prior to 0.4.0 Description A flaw exists in wren-lang wren that allows for an out-of-bounds read. This issue is related to the peekChar function within the src/vm/wren compiler.c file, specifically in the Source File...
CVE-2026-2657
A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wrencompiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclos...
CVE-2026-2657
A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wrencompiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclos...
CVE-2026-2657 wren-lang wren Error Message wren_compiler.c printError stack-based overflow
A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wrencompiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclos...
CVE-2026-2657 wren-lang wren Error Message wren_compiler.c printError stack-based overflow
A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wrencompiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclos...
CVE-2026-2657
CVE-2026-2657 affects the Wren language (wren) up to version 0.4.0. The vulnerability is in the function printError within src/vm/wren_compiler.c of the Error Message Handler, where manipulation can cause a stack-based buffer overflow. The advisory notes a local attack vector and that an exploit ...