mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in op_super() / OP_SUPER due to a missing runtime guard for top-level super.
History

Sat, 11 Jul 2026 05:15:00 +0000

Type Values Removed Values Added
Title Null Pointer Dereference in mrubyc Virtual Machine

Fri, 10 Jul 2026 02:30:00 +0000

Type Values Removed Values Added
Title Null Pointer Dereference in mrubyc Virtual Machine

Thu, 09 Jul 2026 05:15:00 +0000

Type Values Removed Values Added
Title NULL Pointer Dereference in mrubyc Virtual Machine Leading to Crash

Wed, 08 Jul 2026 06:30:00 +0000

Type Values Removed Values Added
Title NULL Pointer Dereference in mrubyc Virtual Machine Leading to Crash

Tue, 07 Jul 2026 23:15:00 +0000

Type Values Removed Values Added
Title NULL Pointer Dereference in mrubyc VM op_super

Tue, 07 Jul 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 07 Jul 2026 06:45:00 +0000

Type Values Removed Values Added
Title NULL Pointer Dereference in mrubyc VM op_super
Weaknesses CWE-476

Mon, 06 Jul 2026 21:45:00 +0000

Type Values Removed Values Added
Description mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in op_super() / OP_SUPER due to a missing runtime guard for top-level super.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-07-06T00:00:00.000Z

Updated: 2026-07-07T16:14:19.295Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-38976

cve-icon Vulnrichment

Updated: 2026-07-07T16:14:10.480Z

cve-icon NVD

No data.

cve-icon Redhat

No data.