CVE-2026-2656

LOW 2.5

ChaiScript type_info.hpp bare_equal use after free

CVSS Score

2.5

EPSS Score

0.0%

EPSS Percentile

0th

A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type_Info::bare_equal of the file include/chaiscript/dispatchkit/type_info.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

CWE	CWE-416 CWE-119
Vendor	n/a
Product	chaiscript
Published	Feb 18, 2026
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for n/a chaiscript

Be the first to know when new low vulnerabilities affecting n/a chaiscript are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

n/a / ChaiScript

6.0 6.1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.346454 vuldb.com: https://vuldb.com/?ctiid.346454 vuldb.com: https://vuldb.com/?submit.752790 github.com: https://github.com/ChaiScript/ChaiScript/issues/636 github.com: https://github.com/ChaiScript/ChaiScript/issues/636#issue-3828333582 github.com: https://github.com/ChaiScript/ChaiScript/

Credits

🔍 Oneafter (VulDB User)