CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/16 1:37 p.m.•9 views

EUVD-2026-30672

5.8AI score0.00306EPSS

CVE•added 2026/05/16 1:37 p.m.•18 views

CVE-2026-46719

Net::Statsd::Lite (Perl) is affected by CVE-2026-46719 for versions prior to 0.9.0, where metric names are not validated for newlines, colons, or pipes. This allows metrics from untrusted sources to inject additional statsd metrics. Public sources in the included documents confirm the impact on m...

6.5CVSS5.8AI score0.00306EPSS

Vulnrichment•added 2026/05/16 1:37 p.m.•8 views

CVE-2026-46719 Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections

5.8AI score0.00306EPSS

Positive Technologies•added 2026/05/16 12:0 a.m.•11 views

PT-2026-41426

Name of the Vulnerable Software and Affected Versions Net::Statsd::Lite versions prior to 0.9.0 Description Net::Statsd::Lite for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This enables metrics generated from untrusted sources to inject...

6.5CVSS5.8AI score0.00306EPSS

Exploits0References20

CNNVD•added 2026/05/16 12:0 a.m.•9 views

Net::Statsd::Lite 注入漏洞

Net::Statsd::Lite is a lightweight StatsD client developed by Robert Rothenberg, which supports multiple metric data packets. Versions of Net::Statsd::Lite prior to 0.9.0 have a injection vulnerability. This vulnerability arises from the lack of checks for line breaks, colons, or vertical bars in...

6.5CVSS5.8AI score0.00306EPSS

NVD•added 2026/05/10 9:16 p.m.•10 views

CVE-2026-45180

Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' session ids may be leaked. This may allow an attacker to use session ids a...

7.5CVSS0.00244EPSS

NVD•added 2026/05/10 8:16 p.m.•10 views

CVE-2026-45179

Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no...

5.3CVSS0.00219EPSS

ATTACKERKB•added 2026/05/10 8:3 p.m.•6 views

CVE-2026-45180

5.8AI score0.00244EPSS

Exploits0References5

EUVD•added 2026/05/10 8:3 p.m.•10 views

EUVD-2026-28997

5.8AI score0.00244EPSS

CVE•added 2026/05/10 8:3 p.m.•12 views

CVE-2026-45180

CVE-2026-45180 affects Catalyst::Plugin::Statsd for Perl up to version 0.10.0. The issue is leakage of session IDs when the communication channel to the statsd daemon is unsecured (e.g., UDP to a different network). This could allow an attacker to use leaked session IDs as authentication tokens. ...

7.5CVSS5.8AI score0.00244EPSS

Vulnrichment•added 2026/05/10 8:3 p.m.•7 views

CVE-2026-45180 Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids

5.8AI score0.00244EPSS

Cvelist•added 2026/05/10 8:3 p.m.•29 views

CVE-2026-45180 Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids

0.00244EPSS

EUVD•added 2026/05/10 7:10 p.m.•8 views

EUVD-2026-28995

5.8AI score0.00219EPSS

Cvelist•added 2026/05/10 7:10 p.m.•33 views

CVE-2026-45179 Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses

0.00219EPSS

CVE•added 2026/05/10 7:10 p.m.•15 views

CVE-2026-45179

CVE-2026-45179 affects Plack::Middleware::Statsd for Perl, with versions before 0.9.0 potentially leaking user IP addresses if the statsd channel is not secured (e.g., UDP to a different network). Since 0.9.0, IPs are no longer logged unless configured; when configured, an HMAC signature of the I...

5.3CVSS5.8AI score0.00219EPSS

Vulnrichment•added 2026/05/10 7:10 p.m.•7 views

CVE-2026-45179 Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses

5.8AI score0.00219EPSS