CVE-2026-3387 | wren-lang wren up to 0.4.0 src/vm/wren_compiler.c getByteCountForArguments null pointer dereference (Issue 1220)

Inserito da Angelo Barbosa | Feb 28, 2026 | CVE

A vulnerability categorized as problematic has been discovered in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wren_compiler.c. Such manipulation leads to null pointer dereference.

This vulnerability is uniquely identified as CVE-2026-3387. Local access is required to approach this attack. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-3387 | wren-lang wren up to 0.4.0 src/vm/wren_compiler.c getByteCountForArguments null pointer dereference (Issue 1220)

Post correlati

CVE-2025-12833 | GeoDirectory Plugin up to 2.8.139 on WordPress post_attachment_upload resource injection

CVE-2025-61783 | python-social-auth social-app-django up to 5.5.x Authentication Service associate_by_email incorrect implementation of authentication algorithm (ID 220)

CVE-2024-1425 | EmbedPress Plugin up to 3.9.8 on WordPress Google Calendar Widget Link cross site scripting

CVE-2024-54124 | Click Studios Passwordstate 8.3 Build 8397/8.9/9811 Edit Folder Screen permission