CVE-2026-3382

Exploit

EPSS 0.02%
Veröffentlicht 01.03.2026 05:32:12
Zuletzt bearbeitet 02.03.2026 20:30:10
Quelle cna@vuldb.com
CVE-Watchlists
Login
Unerledigt
Login

A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::Boxed_Number::get_as of the file include/chaiscript/dispatchkit/boxed_number.hpp. Performing a manipulation results in memory corruption. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellern/a

≫

Produkt ChaiScript

Version 6.0

Status affected

Version 6.1.0

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.03

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
cna@vuldb.com	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cna@vuldb.com	4.8	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com	1.7	3.1	2.9	AV:L/AC:L/Au:S/C:N/I:N/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://github.com/ChaiScript/ChaiScript/

https://vuldb.com/?id.348268

https://vuldb.com/?ctiid.348268

https://vuldb.com/?submit.761301

https://github.com/ChaiScript/ChaiScript/issues/635

https://github.com/ChaiScript/ChaiScript/issues/635#issue-3828258513

https://nvd.nist.gov/vuln/detail/CVE-2026-3382

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-3382

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-3382

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-3382