A vulnerability labeled as critical has been found in Squirrel up to 3.2 . Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp . Executing a manipulation can lead to stack-based buffer overflow. The identification of this vulnerability is CVE-2026-8258 . The attack can only be executed locally. Furthermore, there is an exploit available. The project was informed of the problem early through an issue report but has not responded yet.