← Back to CVEs

CVE-2026-3383

LOW

3.3

Description

A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. Executing a manipulation can lead to divide by zero. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

CVE Details

CVSS v3.1 Score3.3

SeverityLOW

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredLOW

User InteractionNONE

Published3/1/2026

Last Modified3/5/2026

Sourcenvd

Honeypot Sightings0

Affected Products

chaiscript:chaiscript

Weaknesses (CWE)

CWE-369CWE-404

References

https://github.com/ChaiScript/ChaiScript/(cna@vuldb.com)

https://github.com/ChaiScript/ChaiScript/issues/634(cna@vuldb.com)

https://github.com/ChaiScript/ChaiScript/issues/634#issue-3828234470(cna@vuldb.com)

https://vuldb.com/?ctiid.348269(cna@vuldb.com)

https://vuldb.com/?id.348269(cna@vuldb.com)

https://vuldb.com/?submit.761302(cna@vuldb.com)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.