GCVE - cpe:2.3:a:n/a:chaiscript:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:chaiscript:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Chaiscript (`469105cc-70fc-57ae-8425-dfd0cd71e63e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-3384`	vulnerable	2026-06-08 08:01:18.541073	ChaiScript chaiscript_eval.hpp Function_Push_Pop recursion LOW (3.3) A security vulnerability has been detected in ChaiScript up to 6.1.0. This impacts the function chaiscript::eval::AST_Node_Impl::eval/chaiscript::eval::Function_Push_Pop of the file include/chaiscript/language/chaiscript_eval.hpp. The manipulation leads to uncontrolled recursion. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. Published: 2026-03-01T08:02:08.777Z Updated: 2026-03-02T19:33:41.374Z Open on db.gcve.eu Reference links https://vuldb.com/?id.348270 https://vuldb.com/?ctiid.348270 https://vuldb.com/?submit.761303 https://github.com/ChaiScript/ChaiScript/issues/633 https://github.com/ChaiScript/ChaiScript/issues/633#issue-3828176056	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-3383`	vulnerable	2026-06-08 08:01:18.540409	ChaiScript boxed_number.hpp go divide by zero LOW (3.3) A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. Executing a manipulation can lead to divide by zero. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. Published: 2026-03-01T06:32:08.741Z Updated: 2026-03-02T19:33:07.429Z Open on db.gcve.eu Reference links https://vuldb.com/?id.348269 https://vuldb.com/?ctiid.348269 https://vuldb.com/?submit.761302 https://github.com/ChaiScript/ChaiScript/issues/634 https://github.com/ChaiScript/ChaiScript/issues/634#issue-3828234470	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-3382`	vulnerable	2026-06-08 08:01:18.535868	ChaiScript boxed_number.hpp get_as memory corruption LOW (3.3) A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::Boxed_Number::get_as of the file include/chaiscript/dispatchkit/boxed_number.hpp. Performing a manipulation results in memory corruption. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. Published: 2026-03-01T05:32:12.992Z Updated: 2026-05-05T18:34:13.910Z Open on db.gcve.eu Reference links https://vuldb.com/?id.348268 https://vuldb.com/?ctiid.348268 https://vuldb.com/?submit.761301 https://github.com/ChaiScript/ChaiScript/issues/635 https://github.com/ChaiScript/ChaiScript/issues/635#issue-3828258513	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-2656`	vulnerable	2026-06-08 07:55:17.340363	ChaiScript type_info.hpp bare_equal use after free LOW (2.5) A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type_Info::bare_equal of the file include/chaiscript/dispatchkit/type_info.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. Published: 2026-02-18T14:32:07.335Z Updated: 2026-02-23T10:17:55.215Z Open on db.gcve.eu Reference links https://vuldb.com/?id.346454 https://vuldb.com/?ctiid.346454 https://vuldb.com/?submit.752790 https://github.com/ChaiScript/ChaiScript/issues/636 https://github.com/ChaiScript/ChaiScript/issues/636#issue-3828333582	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-2655`	vulnerable	2026-06-08 07:55:17.339104	ChaiScript chaiscript_defines.hpp operator use after free LOW (2.5) A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::str_less::operator of the file include/chaiscript/chaiscript_defines.hpp. The manipulation results in use after free. The attack requires a local approach. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. Published: 2026-02-18T14:02:06.141Z Updated: 2026-02-23T10:17:43.776Z Open on db.gcve.eu Reference links https://vuldb.com/?id.346453 https://vuldb.com/?ctiid.346453 https://vuldb.com/?submit.752788 https://github.com/ChaiScript/ChaiScript/issues/632 https://github.com/ChaiScript/ChaiScript/issues/632#issue-3827824936	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.