CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

130 matches found

Cvelist•added 2026/06/04 3:54 p.m.•34 views

CVE-2026-46741 Etsy::StatsD versions through 1.002002 for Perl allow metric injections

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

0.00272EPSS

Exploits0References2

EUVD•added 2026/06/04 3:45 p.m.•8 views

EUVD-2026-34295

Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...

8.2CVSS5.8AI score0.00331EPSS

Exploits0References3

ATTACKERKB•added 2026/06/04 3:45 p.m.•6 views

CVE-2026-46739

5.3CVSS5.8AI score0.00268EPSS

Exploits0References4

Cvelist•added 2026/06/04 3:45 p.m.•30 views

CVE-2026-46739 Net::Statsd versions before 0.13 for Perl allow metric injections

0.00268EPSS

Exploits0References3

Vulnrichment•added 2026/06/04 3:45 p.m.•10 views

CVE-2026-46739 Net::Statsd versions before 0.13 for Perl allow metric injections

5.8AI score0.00268EPSS

Exploits0References3

CVE•added 2026/06/04 3:45 p.m.•14 views

CVE-2026-46739

Net::Statsd for Perl with versions prior to 0.13 is vulnerable to metric injections. The flaw arises because metric names aren’t checked for newlines, colons, or pipes, allowing untrusted-sourced metrics to inject additional statsd metrics. Additionally, update_stats and gauge do not validate tha...

5.3CVSS5.8AI score0.00268EPSS

Exploits0References3Affected Software1

Debian CVE•added 2026/06/04 3:45 p.m.•7 views

CVE-2026-46739

5.3CVSS5.8AI score0.00268EPSS

Exploits0

NVD•added 2026/06/04 12:17 a.m.•8 views

CVE-2026-8722

Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

6.5CVSS0.00203EPSS

Exploits0References2

CNNVD•added 2026/06/04 12:0 a.m.•4 views

Net::Statsd::Lite 安全漏洞

Net::Statsd::Lite is a lightweight StatsD client developed by Robert Rothenberg, which supports multiple metric data packets. Versions of Net::Statsd::Lite prior to 0.13 contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks for line breaks, colons, or pipes in...

5.3CVSS5.2AI score0.00268EPSS

Exploits0References3

CNNVD•added 2026/06/04 12:0 a.m.•6 views

Etsy::StatsD 安全漏洞

Etsy::StatsD is an open-source application performance monitoring and metric collection component developed by statsd. Etsy::StatsD versions 1.002002 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks for line breaks, colons, or pipes in metric...

7.5CVSS5.2AI score0.00272EPSS

Exploits0References2

CNNVD•added 2026/06/04 12:0 a.m.•3 views

Net::Async::Statsd::Client 安全漏洞

Net::Async::Statsd::Client is an asynchronous StatsD client library open sourced by TEAM. Versions of Net::Async::Statsd::Client 0.005 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of checks for line breaks, colons, or pipes in metric names, which may allo...

6.5CVSS5.2AI score0.00203EPSS

Exploits0References2

Vulnrichment•added 2026/06/03 11:45 p.m.•6 views

CVE-2026-8722 Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections

5.8AI score0.00203EPSS

Exploits0References2

CVE•added 2026/06/03 11:45 p.m.•15 views

CVE-2026-8722

Net::Async::Statsd::Client (Perl) is affected up to version 0.005. The issue arises from unvalidated metric names that may contain newlines, colons, or pipes, allowing metric injections. No exploitation details are provided in the documents, and no remediation version is specified here; upgrading...

6.5CVSS5.8AI score0.00203EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/06/03 11:45 p.m.•42 views

CVE-2026-8722 Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections

0.00203EPSS

Exploits0References2

Positive Technologies•added 2026/06/03 12:0 a.m.•9 views

PT-2026-46078

Name of the Vulnerable Software and Affected Versions Net::Async::Statsd::Client versions prior to 0.006 Description Net::Async::Statsd::Client for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This allows metrics generated from untrusted...

6.5CVSS5.5AI score0.00203EPSS

Exploits0References9

RedhatCVE•added 2026/05/28 8:13 p.m.•8 views

CVE-2026-46740

Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Version 0.06 changes the module from being a stats...

5.3CVSS5.8AI score0.00326EPSS

Exploits0References1

NVD•added 2026/05/26 11:16 p.m.•9 views

CVE-2026-46740

5.3CVSS0.00326EPSS

Exploits0References3

Vulnrichment•added 2026/05/26 10:48 p.m.•6 views

CVE-2026-46740 Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections

5.8AI score0.00326EPSS

Exploits0References3

Cvelist•added 2026/05/26 10:48 p.m.•30 views

CVE-2026-46740 Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections