Skip to main content

Squirrel EUVD-2026-29014

| CVE-2026-8258 LOW
Stack-based Buffer Overflow (CWE-121)
2026-05-11 VulDB GHSA-fff5-x34w-4v72
Buffer Overflow Stack Overflow
1.9
CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Severity Changed
May 11, 2026 - 02:22 NVD
MEDIUM LOW
CVSS changed
May 11, 2026 - 02:22 NVD
5.3 (MEDIUM) 1.9 (LOW)
Analysis Generated
May 11, 2026 - 02:00 vuln.today
CVE Published
May 11, 2026 - 00:45 nvd
MEDIUM 5.3

DescriptionNVD

A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Stack-based buffer overflow in Squirrel up to version 3.2 within the validate_format function of sqstdlib/sqstdstring.cpp allows local authenticated attackers to corrupt stack memory, potentially achieving code execution or denial of service. Public exploit code is available, and the vulnerability has been reported to the project with no vendor response documented at time of analysis.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-29014 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy