CVE-2026-2588

Crypt::NaCl::Sodium for Perl has an integer overflow in 32‑bit environments, affecting versions up to 2.001. The Sodium.xs code casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium, creating an overflow risk where 32‑bit size_t is 32‑bit but unsigned long long ...