ChaiScript Uncontrolled Recursion Vulnerability in Evaluation Function

Vulnerability

A stack overflow vulnerability caused by uncontrolled recursion has been identified in ChaiScript versions through 6.1.0. The issue arises in the evaluation function 'chaiscript::eval::AST_Node_Impl::eval' and in 'chaiscript::eval::Function_Push_Pop', both located in 'include/chaiscript/language/chaiscript_eval.hpp'. Exploitation requires local access. The vulnerability has been publicly disclosed, and a proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability leads to a stack overflow, causing the host process to crash.

Reproduction

To reproduce this vulnerability, build ChaiScript with release optimization and AddressSanitizer (ASan) enabled. Then run the ChaiScript interpreter with a script that defines a recursive operator, such as one that performs string interpolation and calls itself. AddressSanitizer reports the stack overflow, confirming the vulnerability.
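The usual defence against this bug class is a depth budget checked on every evaluation frame, so runaway recursion becomes a catchable script error instead of a crash of the host process. The following is an added example, not ChaiScript's code and not a published fix: the miniature evaluator, all of its names (Eval_State, Depth_Guard, Node, run_script) and the limit of 512 are assumptions chosen for illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <stdexcept>
#include <string>

// Hypothetical per-run state; max_depth is an assumed budget sized to the host's stack.
struct Eval_State {
    std::size_t depth = 0;
    std::size_t max_depth = 512;
};

struct Recursion_Limit_Error : std::runtime_error {
    using std::runtime_error::runtime_error;
};

// RAII guard: one level per eval() frame, released on return or on unwinding.
class Depth_Guard {
public:
    explicit Depth_Guard(Eval_State &s) : m_state(s) {
        if (m_state.depth >= m_state.max_depth)
            throw Recursion_Limit_Error("evaluation depth limit exceeded");
        ++m_state.depth;
    }
    ~Depth_Guard() { --m_state.depth; }
private:
    Eval_State &m_state;
};

// A node is either a literal (callee == nullptr) or a call into another
// node's body, which may be its own body (self-recursion).
struct Node {
    const Node *callee = nullptr;
    long value = 0;
};

long eval(const Node &n, Eval_State &s) {
    Depth_Guard guard(s);  // checked before any deeper frame is entered
    if (n.callee == nullptr) return n.value;
    return 1 + eval(*n.callee, s);
}

// Host-side wrapper: returns "ok:<value>" or "rejected:<reason>".
std::string run_script(const Node &root, Eval_State &s) {
    try { return "ok:" + std::to_string(eval(root, s)); }
    catch (const Recursion_Limit_Error &e) { return std::string("rejected:") + e.what(); }
}

int main() {
    Node self; self.callee = &self;  // constructed input: a body that calls itself
    Eval_State s;
    std::cout << run_script(self, s) << "\n";
}
```

Because the guard's destructor runs during unwinding, the depth counter is back at zero after a rejected script and the same state can be reused for the next evaluation.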

Added: Mar 1, 2026, 8:21 AM
Updated: Mar 1, 2026, 8:21 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 4.2
remediation: 0.0
relevance: 3.6
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.