CVE-2026-8612

🗓️ 15 May 2026 01:11:55Reported by CPANSecType

CVE-2026-8612: Perl WWW::Mechanize::Cached pre-2.00 deserializes cached HTTP responses from world-writable on-disk cache, enabling local code execution.

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2026-8612	15 May 202601:11	–	attackerkb
AlpineLinux	CVE-2026-8612	15 May 202601:11	–	alpinelinux
Circl	CVE-2026-8612	15 May 202602:05	–	circl
CNNVD	WWW::Mechanize::Cached 代码问题漏洞	15 May 202600:00	–	cnnvd
Cvelist	CVE-2026-8612 WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution	15 May 202601:11	–	cvelist
EUVD	EUVD-2026-30495	15 May 202601:11	–	euvd
Mageia	Updated perl-WWW-Mechanize-Cached, perl-File-XDG & perl-Path-Tiny packages fix security vulnerabilities	18 May 202619:12	–	mageia
NVD	CVE-2026-8612	15 May 202602:16	–	nvd
OSV	MGASA-2026-0149 Updated perl-WWW-Mechanize-Cached, perl-File-XDG & perl-Path-Tiny packages fix security vulnerabilities	18 May 202619:12	–	osv
Positive Technologies	PT-2026-41236	15 May 202600:00	–	ptsecurity

NVD

Node

oalders www::mechanize::cachedRange<2.00perl

[
  {
    "collectionURL": "https://cpan.org/modules",
    "defaultStatus": "unaffected",
    "packageName": "WWW-Mechanize-Cached",
    "product": "WWW::Mechanize::Cached",
    "programFiles": [
      "lib/WWW/Mechanize/Cached.pm"
    ],
    "programRoutines": [
      {
        "name": "WWW::Mechanize::Cached::_build_cache"
      },
      {
        "name": "WWW::Mechanize::Cached::_make_request"
      }
    ],
    "repo": "https://github.com/libwww-perl/WWW-Mechanize-Cached",
    "vendor": "OALDERS",
    "versions": [
      {
        "lessThan": "2.00",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/libwww-perl/WWW-Mechanize-Cached/pull/36
metacpan	www.metacpan.org/release/OALDERS/WWW-Mechanize-Cached-2.00/changes
github	www.github.com/libwww-perl/WWW-Mechanize-Cached/commit/b821647deeedf83490ebc1db91d959d942300ce0.patch
openwall	www.openwall.com/lists/oss-security/2026/05/15/1

18 May 2026 18:17Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.15.3

EPSS0.00051

SSVC