MrubyCVEs & Vulnerabilities

41 CVEs affecting Mruby products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

mruby 44
CVE-2025-13120MEDIUM

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is eb398971bfb43c38db3e04528b68ac9a7ce509bc. It is advisable to implement a patch to correct this issue.

13 Nov 2025
5.5
CVSS
CVE-2025-12875HIGH

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.

8 Nov 2025
7.8
CVSS
CVE-2025-7207MEDIUM

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 1fdd96104180cc0fb5d3cb086b05ab6458911bb9. It is recommended to apply a patch to fix this issue.

9 Jul 2025
5.5
CVSS
CVE-2021-46023HIGH

An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash.

14 Feb 2023
7.5
CVSS
CVE-2022-1934HIGH

Use After Free in GitHub repository mruby/mruby prior to 3.2.

31 May 2022
7.8
CVSS
CVE-2022-1427HIGH

Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.

23 Apr 2022
7.8
CVSS
CVE-2022-1286CRITICAL

heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.

10 Apr 2022
9.8
CVSS
CVE-2022-1276CRITICAL

Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.

10 Apr 2022
9.8
CVSS
CVE-2022-1212CRITICAL

Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.

5 Apr 2022
9.8
CVSS
CVE-2022-1201MEDIUM

NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.

2 Apr 2022
6.5
CVSS
CVE-2022-1106CRITICAL

use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.

27 Mar 2022
9.1
CVSS
CVE-2022-1071HIGH

User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.

26 Mar 2022
8.2
CVSS
CVE-2022-0890MEDIUM

NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.

10 Mar 2022
5.5
CVSS
CVE-2022-0717CRITICAL

Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.

23 Feb 2022
9.1
CVSS
CVE-2022-0632MEDIUM

NULL Pointer Dereference in Homebrew mruby prior to 3.2.

19 Feb 2022
5.5
CVSS
CVE-2022-0630HIGH

Out-of-bounds Read in Homebrew mruby prior to 3.2.

19 Feb 2022
7.1
CVSS
CVE-2022-0631CRITICAL

Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.

18 Feb 2022
9.8
CVSS
CVE-2022-0623CRITICAL

Out-of-bounds Read in Homebrew mruby prior to 3.2.

17 Feb 2022
9.1
CVSS
CVE-2022-0614MEDIUM

Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.

16 Feb 2022
5.5
CVSS
CVE-2022-0570CRITICAL

Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.

14 Feb 2022
9.8
CVSS
CVE-2022-0525CRITICAL

Out-of-bounds Read in Homebrew mruby prior to 3.2.

9 Feb 2022
9.1
CVSS
CVE-2022-0481HIGH

NULL Pointer Dereference in Homebrew mruby prior to 3.2.

5 Feb 2022
7.5
CVSS
CVE-2022-0326MEDIUM

NULL Pointer Dereference in Homebrew mruby prior to 3.2.

21 Jan 2022
5.5
CVSS
CVE-2022-0240HIGH

mruby is vulnerable to NULL Pointer Dereference

17 Jan 2022
7.5
CVSS
CVE-2021-46020HIGH

An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash.

14 Jan 2022
7.5
CVSS
CVE-2022-0080CRITICAL

mruby is vulnerable to Heap-based Buffer Overflow

2 Jan 2022
9.8
CVSS
CVE-2021-4188HIGH

mruby is vulnerable to NULL Pointer Dereference

30 Dec 2021
7.5
CVSS
CVE-2021-4110HIGH

mruby is vulnerable to NULL Pointer Dereference

15 Dec 2021
7.5
CVSS
CVE-2020-36401HIGH

mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).

1 Jul 2021
7.8
CVSS
CVE-2020-15866CRITICAL

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function.

21 Jul 2020
9.8
CVSS
CVE-2020-6840CRITICAL

In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.

11 Jan 2020
9.8
CVSS
CVE-2020-6839CRITICAL

In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.

11 Jan 2020
9.8
CVSS
CVE-2020-6838CRITICAL

In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.

11 Jan 2020
9.8
CVSS
CVE-2018-14337HIGH

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.

17 Jul 2018
7.5
CVSS
CVE-2018-12249HIGH

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c.

12 Jun 2018
7.5
CVSS
CVE-2018-12248HIGH

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber.

12 Jun 2018
7.5
CVSS
CVE-2018-12247HIGH

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag).

12 Jun 2018
7.5
CVSS
CVE-2018-11743CRITICAL

The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact.

5 Jun 2018
9.8
CVSS
CVE-2018-10199CRITICAL

In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary code.

18 Apr 2018
9.8
CVSS
CVE-2018-10191CRITICAL

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code.

18 Apr 2018
9.8
CVSS
CVE-2017-9527HIGH

The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file.

11 Jun 2017
7.8
CVSS
← PrevPage 1 / 1Next →