CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/12 12:28 p.m.•6 views

OESA-2026-2684 perl-DBI security update

The DBI is the standard database interface module for Perl. It defines a set of methods, variables and conventions that provide a consistent database interface independent of the actual database being used. It is important to remember that the DBI is just an interface. The DBI is a layer of "glue...

9.8CVSS6AI score0.00421EPSS

OPENSUSE Linux•added 2026/06/11 12:0 a.m.•7 views

perl-DBI-1.648.0-1.1 on GA media (moderate)

perl-DBI-1.648.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10986-1 Rating: moderate Cross-References: CVE-2026-10879 CVE-2026-9698 CVSS scores: CVE-2026-10879 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-10879 SUSE : 6.8...

7.8CVSS5.5AI score0.00421EPSS

EUVD•added 2026/06/09 7:22 a.m.•9 views

EUVD-2026-35366

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

9.8CVSS5.9AI score0.00421EPSS

Vulnrichment•added 2026/06/09 7:22 a.m.•8 views

CVE-2026-9698 DBI versions before 1.648 for Perl saved errors in a limited-sized buffer

6AI score0.00421EPSS

CVE•added 2026/06/09 7:22 a.m.•26 views

CVE-2026-9698

CVE-2026-9698 affects the Perl DBI module. Versions before 1.648 save error messages in a 200-byte buffer without length control, allowing an attacker who can influence error text to trigger a buffer overflow. Connected sources confirm the issue in DBI for Perl and identify the vulnerable compone...

9.8CVSS5.9AI score0.00421EPSS

Exploits0References3Affected Software1

SUSE CVE•added 2026/06/09 2:27 a.m.•11 views

SUSE CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

5.5CVSS5.7AI score0.00413EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-47705

Name of the Vulnerable Software and Affected Versions DBI versions prior to 1.648 Description Error messages returned when RaiseError, PrintError, or HandleError are enabled are written to a 200-byte buffer that lacks a length limit. Attackers capable of influencing the error text within an...

9.8CVSS5.7AI score0.00421EPSS

Exploits0References8

CNNVD•added 2026/06/09 12:0 a.m.•11 views

DBI 缓冲区错误漏洞

DBI is a Perl database interface tool developed under the open-source license of perl5-dbi. Versions of DBI prior to 1.648 contained a buffer error vulnerability. This vulnerability stemmed from the lack of length limitation when error messages were written into a 200-byte buffer, which could lea...

9.8CVSS5.7AI score0.00421EPSS

Exploits0References1

NVD•added 2026/06/05 3:16 p.m.•11 views

CVE-2026-10879

9.8CVSS0.00413EPSS

Cvelist•added 2026/06/05 2:30 p.m.•42 views

CVE-2026-10879 DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

0.00413EPSS

Debian CVE•added 2026/06/05 2:30 p.m.•7 views

CVE-2026-10879

9.8CVSS5.7AI score0.00413EPSS

EUVD•added 2026/06/05 2:30 p.m.•7 views

EUVD-2026-34843

5.7AI score0.00413EPSS

ATTACKERKB•added 2026/06/05 2:30 p.m.•4 views

CVE-2026-10879

5.7AI score0.00413EPSS

CVE•added 2026/06/05 2:30 p.m.•53 views

CVE-2026-10879

CVE-2026-10879 affects DBI for Perl, pre-1.648. A heap overflow occurs during preparsing SQL with more than 9 binders; the preparse method expands placeholders to :pN but only allocates 3 characters per binder, causing overflow as placeholders 10–99 need 4 chars, 100–999 need 5, etc. The issue is...

9.8CVSS5.7AI score0.00413EPSS

Exploits0References3Affected Software1

CNNVD•added 2026/06/05 12:0 a.m.•6 views

DBI 安全漏洞

DBI is a Perl database interface tool developed under the open-source license of perl5-dbi. Versions of DBI prior to 1.648 contained security vulnerabilities; these vulnerabilities stemmed from heap overflows that occurred when pre-resolving SQL statements involving more than nine binders...

9.8CVSS5.6AI score0.00413EPSS

Tenable Nessus•added 2026/06/05 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-10879

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder...

9.8CVSS5.8AI score0.00413EPSS

Positive Technologies•added 2026/06/05 12:0 a.m.•10 views

PT-2026-46958

Name of the Vulnerable Software and Affected Versions DBI versions prior to 1.648 Description A heap overflow occurs when preparsing SQL statements containing more than 9 binders. The preparse function expands SQL placeholder characters into numbered binders using the format :pN, but it only...

9.8CVSS5.6AI score0.00413EPSS

Exploits0References23

Fedora•added 2026/05/06 12:51 a.m.•6 views

[SECURITY] Fedora 44 Update: pdns-5.0.4-1.fc44

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only name server. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

7.5CVSS5.8AI score0.00423EPSS