VYPR
Vendor

Squirrel Lang

Products
1
CVEs
10
Across products
10
Status
Private

Products

1

Recent CVEs

10
  • CVE-2021-41556CriJul 28, 2022
    risk 0.58cvss 10.0epss 0.02

    sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script…

  • CVE-2026-8261MedMay 11, 2026
    risk 0.38cvss 5.9epss 0.00

    A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and…

  • CVE-2026-9541MedMay 26, 2026
    risk 0.34cvss 5.3epss 0.00

    A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access.…

  • CVE-2026-8258MedMay 11, 2026
    risk 0.34cvss 5.3epss 0.00

    A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be…

  • CVE-2026-3389LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstd_rex_newnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been…

  • CVE-2026-3388LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be approached locally. The exploit has been…

  • CVE-2026-2661LowFeb 18, 2026
    risk 0.21cvss 3.3epss 0.00

    A security flaw has been discovered in Squirrel up to 3.2. This affects the function SQObjectPtr::operator in the library squirrel/sqobject.h. The manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the…

  • CVE-2026-2659LowFeb 18, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerability is the function SQFuncState::PopTarget of the file src/squirrel/squirrel/sqfuncstate.cpp. Executing a manipulation of the argument _target_stack can lead to out-of-bounds read. It is possible to…

  • CVE-2022-46330Dec 21, 2022
    risk 0.00cvss epss 0.00

    Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading…

  • CVE-2022-30292May 4, 2022
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.