CVE-2026-2657

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-2657

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-2657.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-2657

Published

2026-02-18T17:21:40.400Z

Modified

2026-02-23T07:49:55.727975Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wren_compiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

References

Affected packages

Git / github.com/wren-lang/wren

Affected ranges

Type: GIT
Repo: https://github.com/wren-lang/wren
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

7d3f063e87acebf3e7db3ff6455826e6a30f570e

Affected versions

0.*

0.1.0

0.2.0

0.3.0

0.4.0-pre

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-2657.json"