Skip to main content

Squirrel CVE-2026-9541

| EUVD-2026-31813 LOW
Heap-based Buffer Overflow (CWE-122)
2026-05-26 VulDB GHSA-w3m6-w27h-v4g9
Heap Overflow Buffer Overflow Squirrel
1.9
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
1.9 LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jun 08, 2026 - 13:35 vuln.today
Severity Changed
May 26, 2026 - 14:22 NVD
MEDIUM LOW
CVSS changed
May 26, 2026 - 14:22 NVD
5.3 (MEDIUM) 1.9 (LOW)

DescriptionCVE.org

A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Heap-based buffer overflow in Squirrel versions 3.0 through 3.2 allows a locally authenticated low-privilege attacker to corrupt heap memory by supplying a malicious Cnut file to the ReadObject function in sqobject.cpp. The impact is limited to partial confidentiality, integrity, and availability effects with no scope change, as confirmed by the CVSS 4.0 score of 1.9. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local low-privilege access
Delivery
Craft malicious Cnut file with invalid object length
Exploit
Supply file to Squirrel-embedded application parser
Execution
Trigger heap-based buffer overflow in ReadObject (sqobject.cpp)
Persist
Corrupt adjacent heap memory
Impact
Achieve partial confidentiality, integrity, or availability impact
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Exploitation strictly requires local system access and at minimum low-privilege credentials, as confirmed by the CVSS:4.0 vector AV:L/PR:L. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Multiple intelligence signals converge on a consistently low-risk assessment. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A low-privilege local user on a system running an application that embeds the Squirrel scripting engine prepares a malformed Cnut file containing a crafted negative or oversized length field targeting the ReadObject function. The user supplies this file to the application - for example, by placing it in a directory monitored by a game modding loader or scripting pipeline - and upon parsing, the ReadObject function in sqobject.cpp writes beyond the bounds of a heap buffer, corrupting adjacent memory. …
Remediation No vendor-released patch has been identified at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-9541 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy