Date Index - June 2026 - CPANSec CVE announcements

03 Jun 2026 00:32 UTC - CVE-2026-9334: Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is enabled - Paul Johnson
03 Jun 2026 00:34 UTC - CVE-2026-9516: Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws - Paul Johnson
03 Jun 2026 23:48 UTC - CVE-2026-8722: Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections - Robert Rothenberg
04 Jun 2026 02:09 UTC - CVE-2026-8829: HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities - Paul Johnson
04 Jun 2026 15:47 UTC - CVE-2026-46739: Net::Statsd versions before 0.13 for Perl allow metric injections - Robert Rothenberg
04 Jun 2026 15:55 UTC - CVE-2026-46741: Etsy::StatsD versions through 1.002002 for Perl allow metric injections - Robert Rothenberg
04 Jun 2026 16:09 UTC - CVE-2026-49940: Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks - Robert Rothenberg
04 Jun 2026 16:10 UTC - CVE-2026-49941: Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses - Robert Rothenberg
04 Jun 2026 16:11 UTC - CVE-2026-49942: Net::CIDR::Set versions through 0.20 for Perl did not validate network masks - Robert Rothenberg
05 Jun 2026 14:34 UTC - CVE-2026-10879: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders - Robert Rothenberg
05 Jun 2026 14:44 UTC - CVE-2026-9270: DataDog::DogStatsd versions through 0.07 for Perl allow metric injections - Robert Rothenberg
05 Jun 2026 14:46 UTC - CVE-2026-11362: DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags - Robert Rothenberg