Dismissed
Permalink
CVE-2026-3387
3.3 LOW
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
4 packages
- fairywren
- tree-sitter-grammars.tree-sitter-wren
- python313Packages.tree-sitter-grammars.tree-sitter-wren
- python314Packages.tree-sitter-grammars.tree-sitter-wren
- @LeSuisse dismissed
wren-lang wren wren_compiler.c getByteCountForArguments null pointer dereference
A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wren_compiler.c. Such manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
References
- VDB-348273 | wren-lang wren wren_compiler.c getByteCountForArguments null pointer dereference vdb-entry technical-description
- VDB-348273 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
- Submit #761312 | wren-lang wren main-branch NULL Pointer Dereference third-party-advisory
- https://github.com/wren-lang/wren/issues/1220 issue-tracking
- https://github.com/oneafter/0122/blob/main/i1220/repro exploit
- https://github.com/wren-lang/wren/ product
Affected products
wren
- ==0.3
- ==0.2
- ==0.1
- ==0.4.0
Ignored packages (4)
pkgs.fairywren
FairyWren Icon Set
-
nixos-unstable 0-unstable-2026-02-15
- nixpkgs-unstable 0-unstable-2026-02-15
- nixos-unstable-small 0-unstable-2026-02-15
-
nixos-25.11 0-unstable-2024-06-10
- nixos-25.11-small 0-unstable-2024-06-10
- nixpkgs-25.11-darwin 0-unstable-2024-06-10
pkgs.tree-sitter-grammars.tree-sitter-wren
Tree-sitter grammar for wren
-
nixos-unstable 0-unstable-2024-01-01
- nixpkgs-unstable 0-unstable-2024-01-01
- nixos-unstable-small 0-unstable-2024-01-01
pkgs.python313Packages.tree-sitter-grammars.tree-sitter-wren
Python bindings for tree-sitter-wren
-
nixos-unstable 0+unstable20240101
- nixpkgs-unstable 0+unstable20240101
- nixos-unstable-small 0+unstable20240101
pkgs.python314Packages.tree-sitter-grammars.tree-sitter-wren
Python bindings for tree-sitter-wren
-
nixos-unstable 0+unstable20240101
- nixpkgs-unstable 0+unstable20240101
- nixos-unstable-small 0+unstable20240101