CVE-2026-8829

🗓️ 04 Jun 2026 02:03:46Reported by CPANSecType

CVE-2026-8829: HTML::Entities before 3.84 for Perl may read freed heap memory in _decode_entities.

Reporter	Title	Published	Views	Family All 5
ATTACKERKB	CVE-2026-8829	4 Jun 202602:03	–	attackerkb
Cvelist	CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities	4 Jun 202602:03	–	cvelist
EUVD	EUVD-2026-34194	4 Jun 202603:30	–	euvd
NVD	CVE-2026-8829	4 Jun 202603:16	–	nvd
Positive Technologies	PT-2026-46135	4 Jun 202600:00	–	ptsecurity

[
  {
    "collectionURL": "https://cpan.org/modules",
    "defaultStatus": "unaffected",
    "packageName": "HTML-Parser",
    "product": "HTML::Entities",
    "programFiles": [
      "util.c"
    ],
    "programRoutines": [
      {
        "name": "HTML::Entities::_decode_entities"
      }
    ],
    "repo": "https://github.com/libwww-perl/HTML-Parser",
    "vendor": "OALDERS",
    "versions": [
      {
        "lessThan": "3.84",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/libwww-perl/HTML-Parser/commit/6922552b0778c90a9587a3894e248be4d3a25e1c.patch
github	www.github.com/libwww-perl/HTML-Parser/pull/56

04 Jun 2026 03:16Current

5.9Medium risk

Vulners AI Score5.9

CWE-416