CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

NVD•added 2026/06/10 7:16 p.m.•13 views

CVE-2026-50639

Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...

6.5CVSS0.00264EPSS

Exploits0References4

NVD•added 2026/06/10 7:16 p.m.•16 views

CVE-2026-50638

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::DogStatsd which extends...

9.1CVSS0.00343EPSS

Exploits0References4

Cvelist•added 2026/06/10 6:32 p.m.•33 views

CVE-2026-50638 Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections

0.00343EPSS

Exploits0References4

Vulnrichment•added 2026/06/10 6:32 p.m.•7 views

CVE-2026-50638 Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections

5.8AI score0.00343EPSS

Exploits0References4

EUVD•added 2026/06/10 6:32 p.m.•10 views

EUVD-2026-36105

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics,separated by newlines, to be sent per packet. Metrics::Any::Adapter::DogStatsd which extends...

9.1CVSS5.4AI score0.00343EPSS

Exploits0References3

CVE•added 2026/06/10 6:32 p.m.•19 views

CVE-2026-50638

CVE-2026-50638 affects Metrics::Any::Adapter::DogStatsd (Perl) versions before 0.04. The issue arises because the DogStatsd adapter does not validate newline or statsd control characters in tags, enabling potential metric injections when multiple metrics are sent per UDP/TCP packet. The vulnerabi...

9.1CVSS5.8AI score0.00343EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/06/10 12:0 a.m.•7 views

Metrics::Any::Adapter::DogStatsd 注入漏洞

Metrics::Any::Adapter::DogStatsd is a Perl metric collection adapter module developed by PEVANS’ personal developers. Versions of Metrics::Any::Adapter::DogStatsd prior to 0.04 contained an injection vulnerability. This vulnerability occurred because the tags function did not check the line break...

9.1CVSS5.3AI score0.00343EPSS

Exploits0References1

Positive Technologies•added 2026/06/10 12:0 a.m.•12 views

PT-2026-48520

Name of the Vulnerable Software and Affected Versions Metrics::Any::Adapter::DogStatsd versions prior to 0.04 Description The software does not protect against metric injections. The statsd protocol and its extensions, such as dogstatsd, allow multiple metrics to be sent per packet when separated...

9.1CVSS5.8AI score0.00343EPSS

Exploits0References9

RedhatCVE•added 2026/06/06 6:43 p.m.•13 views

CVE-2026-11362

DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...

9.8CVSS5.4AI score0.00447EPSS

Exploits0References1

RedhatCVE•added 2026/06/06 6:43 p.m.•15 views

CVE-2026-9270

DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The sendstats method does not remove newlines from metric names $stat variable, allowing attackers to change t...

9.1CVSS5.5AI score0.00331EPSS

Exploits0References1

NVD•added 2026/06/05 4:16 p.m.•12 views

CVE-2026-9270

9.1CVSS0.00331EPSS

Exploits0References3

NVD•added 2026/06/05 4:16 p.m.•13 views

CVE-2026-11362

9.8CVSS0.00447EPSS

Exploits0References3

Vulnrichment•added 2026/06/05 2:50 p.m.•8 views

CVE-2026-11362 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags

5.4AI score0.00447EPSS

Exploits0References3

EUVD•added 2026/06/05 2:50 p.m.•11 views

EUVD-2026-34847

8.2CVSS5.4AI score0.00447EPSS

Exploits0References3

Cvelist•added 2026/06/05 2:50 p.m.•38 views

CVE-2026-11362 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags

0.00447EPSS

Exploits0References3

ATTACKERKB•added 2026/06/05 2:50 p.m.•5 views

CVE-2026-11362

5.4AI score0.00447EPSS

Exploits0References4

CVE•added 2026/06/05 2:50 p.m.•24 views

CVE-2026-11362

DataDog::DogStatsd for Perl versions through 0.07 is vulnerable to metric injections via event tags. The root cause is the format_event method not validating tag content, allowing commas, newlines, pipes and colons in tags; an ineffective pipe-removal attempt (s/|//g) due to unescaped pipe being ...

9.8CVSS5.4AI score0.00447EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/06/05 2:49 p.m.•6 views

CVE-2026-9270

5.5AI score0.00331EPSS

Exploits0References4

Vulnrichment•added 2026/06/05 2:49 p.m.•8 views

CVE-2026-9270 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections

5.5AI score0.00331EPSS

Exploits0References3

CVE•added 2026/06/05 2:49 p.m.•50 views

CVE-2026-9270

DataDog::DogStatsd for Perl (up to version 0.07) is vulnerable to metric injections due to insufficient input sanitization in the send_stats pathway. The stat name is not stripped of newlines, enabling prefix manipulation; the value (delta) is not validated, allowing injection via set/gauge/count...

9.1CVSS5.5AI score0.00331EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by