Berry-Lang Berry Out-of-Bounds Read Vulnerability in the Lexer

Vulnerability

An out-of-bounds read vulnerability has been identified in Berry-Lang Berry versions through 1.1.0. The issue arises in the 'scan_string' function within 'src/be_lexer.c', where the code can read past the intended buffer under certain conditions. The vulnerability requires local access to exploit. It has been publicly disclosed, and a proof-of-concept exploit is available.

Impact

Triggering this vulnerability leads to a global buffer overflow: an invalid read access that can be exploited to manipulate the program's execution or cause a crash.

Reproduction

The vulnerability can be reproduced by building Berry with release optimization and AddressSanitizer (ASan) enabled. After compiling the program, it can be run with a crafted script that triggers the out-of-bounds read. This script can be obtained from the GitHub repository 'oneafter/0211'.

Added: Feb 27, 2026, 3:21 AM
Updated: Feb 27, 2026, 3:21 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 4.2
remediation: 0.0
relevance: 3.3
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.