VYPR
Vendor

Lily Lang

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2026-3392LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function eval_tree of the file src/lily_emitter.c. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been made available to…

  • CVE-2026-3391LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit has been released to the public…

  • CVE-2026-3390LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local…

  • CVE-2026-2662LowFeb 18, 2026
    risk 0.21cvss 3.3epss 0.00

    A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function count_transforms of the file src/lily_emitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to…

  • CVE-2026-2660LowFeb 18, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthash_for_name of the file src/lily_symtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available…