VYPR
Low severity3.3NVD Advisory· Published Mar 1, 2026· Updated Apr 29, 2026

CVE-2026-3385

CVE-2026-3385

Description

A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the function resolveLocal of the file src/vm/wren_compiler.c. The manipulation results in uncontrolled recursion. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wren/Wren2 versions
    cpe:2.3:a:wren:wren:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:wren:wren:*:*:*:*:*:*:*:*range: <=0.4.0
    • (no CPE)range: <=0.4.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.