Vulnerabilities ›

CVE-2026-3285

Low

CWE-119 — Weakness Type

                    Published: Feb 27, 2026                      ·  Modified: Feb 28, 2026                      ·  Source: NVD                

CVSS v3

3.3

🔗 NVD Official

📄 Description (English)

A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scan_string of the file src/be_lexer.c. This manipulation causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name: 7149c59a39ba44feca261b12f06089f265fec176. Applying a patch is the recommended action to fix this issue.

🤖 AI Executive Summary

CVE-2026-3285 is a low-severity out-of-bounds read vulnerability in berry-lang version 1.1.0 affecting the scan_string function in src/be_lexer.c. The vulnerability requires local access and has been publicly disclosed, with a patch available.

📄 Description (Arabic)

تم اكتشاف ثغرة قراءة خارج الحدود في berry-lang الإصدار 1.1.0 وما قبله في دالة scan_string بملف src/be_lexer.c. تتطلب الثغرة وصولاً محلياً للاستغلال وقد تم الكشف عنها علناً.

🤖 ملخص تنفيذي (AI)

A low-severity out-of-bounds read vulnerability exists in berry-lang up to version 1.1.0 in the scan_string function. Local access is required to exploit this vulnerability, and a patch has been released to address the issue.

🤖 AI Intelligence Analysis Analyzed: May 30, 2026 08:02

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: low

🏢 Affected Saudi Sectors

government

🎯 MITRE ATT&CK Techniques

T1526

⚖️ Saudi Risk Score (AI)

3.0

/ 10.0

🔧 Remediation Steps (English)

Update berry-lang to a version after 1.1.0 or apply patch 7149c59a39ba44feca261b12f06089f265fec176 to remediate this out-of-bounds read vulnerability.

🔧 خطوات المعالجة (العربية)

قم بتحديث berry-lang إلى إصدار أحدث من 1.1.0 أو تطبيق التصحيح 7149c59a39ba44feca261b12f06089f265fec176 لمعالجة ثغرة القراءة خارج الحدود.

📋 Regulatory Compliance Mapping

🟡 ISO 27001:2022

A.14.2.1

🔗 References & Sources 8

🔗

https://github.com/berry-lang/berry/

cna@vuldb.com

🔗

https://github.com/berry-lang/berry/commit/7149c59a39ba44feca261b12f06089f265fec176

cna@vuldb.com

🔗

https://github.com/berry-lang/berry/issues/509

cna@vuldb.com

🔗

https://github.com/berry-lang/berry/pull/511

cna@vuldb.com

🔗

https://github.com/oneafter/0211/blob/main/be/repro

cna@vuldb.com

🔗

https://vuldb.com/?ctiid.348014

cna@vuldb.com

🔗

https://vuldb.com/?id.348014

cna@vuldb.com

🔗

https://vuldb.com/?submit.758872

cna@vuldb.com

📊 CVSS Score

3.3

/ 10.0 — Low

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity Low

CVSS Score3.3

CWECWE-119

EPSS0.02%

Exploit No

Patch ✗ No

Published 2026-02-27

Source Feed nvd

🇸🇦 Saudi Risk Score

3.0

/ 10.0 — Saudi Risk

Priority: LOW

🏷️ Tags

CWE-119

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-3285

💬 Comments

Introduce Yourself

Sign In Required