CVE-2022-30292
CRITICAL
SQUIRREL 3.2 - Heap-based Buffer Overflow in sqbaselib.cpp
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2022-30292. PoCs published by sprushed.
AI-analyzed exploit summary
This repository provides a detailed writeup for CVE-2022-30292, a heap-based buffer overflow in Squirrel 3.2 and below. It describes the vulnerability, attack vectors, and affected applications but does not include a proof-of-concept exploit.
Description
Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.
Exploits (1)
nomisec
WRITEUP
2 stars
by sprushed · poc
https://github.com/sprushed/CVE-2022-30292
Classification
Writeup 100%
Attack Type
RCE
Complexity
Moderate
Reliability
Theoretical
Target:
Squirrel 3.2 and below
No auth needed
Prerequisites:
Crafted Squirrel bytecode or source file · Execution of malicious script by victim
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
References (6)
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/albertodemichelis/squirrel/commit/a6413aa690e0bdfef648c68693349a7b878fe60d
Third Party Advisory x_refsource_misc
https://github.com/sprushed/CVE-2022-30292
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBUYGYXDQX3OSAYHP4TCG3JS7PJTIE75/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMIKSVTKNU5FRCUUNAYMCQLOJA3K3S2I/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV7SJJ44AGAX4ILIVPREIXPJ2GOG3FKV/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M3FQILX7UUEERSDPMZP3MKGTMY2E7ESU/
Scores
CVSS v3
10.0
EPSS
0.0350
EPSS Percentile
87.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (3)
fedoraproject/fedora
35
fedoraproject/fedora
36
squirrel-lang/squirrel
3.2
Published
May 04, 2022
Tracked Since
Feb 18, 2026