Description
A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerability is the function SQFuncState::PopTarget of the file src/squirrel/squirrel/sqfuncstate.cpp. Executing a manipulation of the argument _target_stack can lead to out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-02-18
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Out‑of‑bounds read in Squirrel’s PopTarget function could allow an attacker to read sensitive memory data on the same host.
Action: Assess Impact
AI Analysis

Impact

The vulnerability resides in the function SQFuncState::PopTarget within src/squirrel/squirrel/sqfuncstate.cpp of Squirrel, affecting all releases up to 3.2. By manipulating the _target_stack argument, the interpreter performs an out‑of‑bounds read, enabling the disclosure of arbitrary memory content. This can expose confidential data, configuration details, or secrets held in memory, potentially compromising the confidentiality of the local system. The flaw does not grant write access or code execution, so the integrity or availability impact is limited to information leakage.

Affected Systems

All installations of the Squirrel scripting language up to and including version 3.2 are affected. The flaw exists in the core interpreter code and does not affect later major releases, although no official patch is currently documented. Users running any Squirrel script or application that embeds the interpreter should verify their version. No specific vendor or product release notes identify a fix, so the affected range is broadly defined as "Squirrel <= 3.2".

Risk and Exploitability

The base CVSS score of 4.8 indicates a moderate severity, and the EPSS probability is below 1%, suggesting very low exploitation likelihood at present. The vulnerability is confirmed as locally exploitable; an attacker with local access could construct a malicious script to trigger the out-of-bounds read. The vulnerability is not listed in the CISA KEV catalog, implying no known large-scale exploitation. Overall, the risk is moderate for environments where local code execution is possible, but unlikely to be abused at this time.

Generated by OpenCVE AI on April 17, 2026 at 18:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Squirrel to a version newer than 3.2 where bounds checking is applied in PopTarget; if a patch is unavailable, coordinate with the project maintainers to ensure the issue remains tracked.
  • Run the interpreter in an isolated environment—for example, a restricted container or chroot—so that local execution is limited to trusted users and the process has minimal privileges.
  • Compile Squirrel with compiler hardening flags (for example stack protection and address space layout randomization), and enable bounds checking in the runtime if it is supported.
  • Regularly audit Squirrel logs and memory‑related error messages for signs of abnormal PopTarget activity, and investigate any suspicious behavior promptly.

Tracking


Advisories

No advisories yet.

History

Fri, 20 Feb 2026 20:15:00 +0000

Type               | Values Removed | Values Added
First Time appeared |                | Squirrel-lang
                   |                | Squirrel-lang squirrel
CPEs               |                | cpe:2.3:a:squirrel-lang:squirrel:*:*:*:*:*:*:*:*
Vendors & Products |                | Squirrel-lang
                   |                | Squirrel-lang squirrel

Thu, 19 Feb 2026 10:30:00 +0000

Type               | Values Removed | Values Added
First Time appeared |                | Albertodemichelis
                   |                | Albertodemichelis squirrel
Vendors & Products |                | Albertodemichelis
                   |                | Albertodemichelis squirrel

Wed, 18 Feb 2026 18:15:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 18 Feb 2026 18:00:00 +0000

Type        | Values Removed | Values Added
Description |                | A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerability is the function SQFuncState::PopTarget of the file src/squirrel/squirrel/sqfuncstate.cpp. Executing a manipulation of the argument _target_stack can lead to out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Title       |                | Squirrel sqfuncstate.cpp PopTarget out-of-bounds
Weaknesses  |                | CWE-119, CWE-125
References  |                |
Metrics     |                | cvssV2_0: {'score': 1.7, 'vector': 'AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}
            |                | cvssV3_0: {'score': 3.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
            |                | cvssV3_1: {'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
            |                | cvssV4_0: {'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T10:18:34.219Z

Reserved: 2026-02-18T07:20:39.455Z

Link: CVE-2026-2659

Vulnrichment

Updated: 2026-02-18T18:02:56.794Z

NVD

Status: Analyzed

Published: 2026-02-18T18:24:34.610

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-2659

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T18:45:25Z

Weaknesses