← Zuruck zu CVEs
CVE-2026-2656
LOW2.5
Beschreibung
A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type_Info::bare_equal of the file include/chaiscript/dispatchkit/type_info.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVE Details
CVSS v3.1 Bewertung2.5
SchweregradLOW
CVSS VektorCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
AngriffsvektorLOCAL
KomplexitatHIGH
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht2/18/2026
Zuletzt geandert2/19/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
chaiscript:chaiscript
Schwachen (CWE)
CWE-119CWE-416
Referenzen
https://github.com/ChaiScript/ChaiScript/(cna@vuldb.com)
https://github.com/ChaiScript/ChaiScript/issues/636(cna@vuldb.com)
https://vuldb.com/?ctiid.346454(cna@vuldb.com)
https://vuldb.com/?id.346454(cna@vuldb.com)
https://vuldb.com/?submit.752790(cna@vuldb.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.