CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 5 hours ago•4 views

CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

6.5CVSS

CVE•added 6 hours ago•7 views

CVE-2026-49941

CVE-2026-49941 affects Net::CIDR::Set (Perl) up to version 0.20. The vulnerability arises when add() delegates to _encode() to parse addresses; inputs that aren’t netmasks/ranges are treated as single IPs and recursed as 32/128-bit netmasks. If an argument isn’t a well-formed IP address, this can...

ATTACKERKB•added 6 hours ago•1 views

CVE-2026-49941

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 32-bit or 128-bit...

Vulnrichment•added 6 hours ago•3 views

CVE-2026-49941 Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses

5.8AI score

Exploits0References1

CVE•added 6 hours ago•8 views

CVE-2026-49940

Net::CIDR::Set for Perl is affected up to version 0.20. The issue arises because non-ASCII IP addresses and netmasks are accepted, with Unicode digits (e.g., Arabic-Indic One U+0661) not parsed as numbers, potentially allowing larger networks than intended. Several connected sources cite upgradin...

6.5CVSS5.8AI score

EUVD•added 6 hours ago•4 views

EUVD-2026-34297

6.5CVSS5.8AI score0.00258EPSS

ATTACKERKB•added 6 hours ago•1 views

CVE-2026-49940

6.5CVSS5.8AI score

Positive Technologies•added yesterday•6 views

PT-2026-46267

Name of the Vulnerable Software and Affected Versions Net::CIDR::Set versions prior to 0.21 Description The software fails to validate IP addresses. The add function calls the encode function to parse addresses; if the input does not resemble netmasks or network ranges, it is treated as a single ...

Positive Technologies•added yesterday•6 views

Exploits0References5

PT-2026-46266

Name of the Vulnerable Software and Affected Versions Net::CIDR::Set versions prior to 0.21 Description The software accepts non-ASCII IP addresses and netmasks. Unicode digits, such as the Arabic-Indic One U+0661, are accepted but not properly parsed as numbers, which could allow network masks t...

6.5CVSS5.8AI score

Exploits0References6

OSV•added yesterday•2 views

OPENSUSE-SU-2026:10951-1 perl-Net-CIDR-Set-0.210.0-1.1 on GA media

These are all security issues fixed in the perl-Net-CIDR-Set-0.210.0-1.1 package on the GA media of openSUSE Tumbleweed...

CNNVD•added 2026/02/27 12:0 a.m.•3 views

MetaCPAN Net::CIDR::Set 安全漏洞

MetaCPAN Net::CIDR::Set is a library from the MetaCPAN Foundation. Versions of MetaCPAN Net::CIDR::Set prior to 0.24 contained a security vulnerability. This vulnerability stemmed from improper handling of leading zeros in IP CIDR addresses, which could lead to bypassing IP-based access controls...

6.5CVSS5.8AI score0.00072EPSS

Tenable Nessus•added 2025/08/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-40911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to...

6.5CVSS6.7AI score0.00258EPSS

RedhatCVE•added 2025/05/29 9:31 p.m.•22 views

CVE-2025-40911

Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are...

6.5CVSS7AI score0.00258EPSS

Exploits0References1

OSV•added 2025/05/27 10:15 p.m.•2 views

DEBIAN-CVE-2025-40911

6.5CVSS5.4AI score0.00258EPSS

Exploits0References1

NVD•added 2025/05/27 10:15 p.m.•35 views

CVE-2025-40911

6.5CVSS0.00258EPSS

OSV•added 2025/05/27 10:15 p.m.•2 views

CVE-2025-40911

6.5CVSS6.6AI score

OSV•added 2025/05/27 10:15 p.m.•1 views

UBUNTU-CVE-2025-40911

6.5CVSS5.8AI score0.00258EPSS

Exploits0References6

CVE•added 2025/05/27 9:17 p.m.•61 views

CVE-2025-40911

CVE-2025-40911 affects Net::CIDR::Set for Perl versions 0.10–0.13, which misparses IP CIDR strings with leading zeros, allowing potential access-control bypass. Root cause: octal interpretation of leading zeros; Net::CIDR::Set derived code from Net::CIDR::Lite (CVE-2021-47154). Public details poi...

6.5CVSS6.6AI score0.00258EPSS

Cvelist•added 2025/05/27 9:17 p.m.•13 views

CVE-2025-40911 Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses

0.00258EPSS