Lucene search
K
Squirrel-langSquirrel

7 matches found

CVE
CVE
added 2022/05/04 10:53 p.m.132 views

CVE-2022-30292

CVE-2022-30292 affects SQUIRREL 3.2 and earlier; heap-based buffer overflow in sqbaselib.cpp’s thread_call due to missing sq_reservestack. Reported impact includes DoS, with potential sandbox escape and possible arbitrary code execution per linked exploit notes. Exploitation requires crafting Squ...

10CVSS9.4AI score0.03576EPSS
CVE
CVE
added 2022/07/28 8:41 p.m.81 views

CVE-2021-41556

CVE-2021-41556 affects the Squirrel engine (sqclass.cpp in the core interpreter) up to Squirrel 2.2.5 and 3.x up to 3.1. The vulnerability is an out-of-bounds read in the interpreter that can lead to code execution when a victim runs attacker-controlled Squirrel scripts, potentially breaking out ...

10CVSS9.3AI score0.02177EPSS
CVE
CVE
added 2026/02/18 7:2 p.m.26 views

CVE-2026-2661

CVE-2026-2661 affects Squirrel up to 3.2, specifically the SQObjectPtr::operator in squirrel/sqobject.h. The public documentation describes a heap-based overflow arising from improper handling in that operator, enabling local exploitation. A separate PacketStorm report attributes a related issue ...

7.8CVSS5.5AI score0.00235EPSS
CVE
CVE
added 2026/03/01 9:32 a.m.24 views

CVE-2026-3388

CVE-2026-3388 affects Squirrel up to 3.2, specifically SQCompiler::Factor and SQCompiler::UnaryOP in squirrel/sqcompiler.cpp. According to public descriptions, manipulating these paths triggers uncontrolled recursion, with local attack requirements and a public exploit/proofs‑of‑concept available...

5.5CVSS5.4AI score0.00166EPSS
CVE
CVE
added 2026/05/26 11:45 a.m.24 views

CVE-2026-9541

CVE-2026-9541 affects Squirrel up to 3.2, specifically the ReadObject function in squirrel/sqobject.cpp of the Cnut File Handler. The issue is a heap-based buffer overflow triggered by manipulation of input, with local attack vectors. Public exploit has been released; the vendor was notified earl...

5.3CVSS6.1AI score0.0017EPSS
CVE
CVE
added 2026/02/18 5:32 p.m.22 views

CVE-2026-2659

The vulnerability CVE-2026-2659 affects Squirrel up to version 3.2. It resides in SQFuncState::PopTarget within src/squirrel/squirrel/sqfuncstate.cpp, where manipulating the _target_stack can cause an out-of-bounds read during local execution. Publicly disclosed exploits exist per the sources, an...

7.8CVSS5.2AI score0.00213EPSS
CVE
CVE
added 2026/03/01 10:2 a.m.21 views

CVE-2026-3389

CVE-2026-3389 affects Squirrel up to version 3.2. The vulnerability targets sqstd_rex_newnode in sqstdlib/sqstdrex.cpp, leading to a null pointer dereference when manipulated. Exploitation is local, and a public disclosure indicates potential use in the wild. The project was informed early via an...

5.5CVSS5.6AI score0.00166EPSS