CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/06/02 1:44 a.m.•9 views

SUSE CVE-2026-8796

Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srldecoder.c, srlreadobject and srlreadhash process a COPY tag, a back-reference whose target byte the decoder re-decodes as a fresh tag. When that target byte matches the SHORTBINARY...

RedhatCVE•added 2026/06/02 12:5 a.m.•10 views

CVE-2026-8796

A flaw was found in Sereal::Decoder for Perl. A remote attacker could exploit a heap out-of-bounds read vulnerability by providing crafted input containing a specific COPY tag. This tag, when re-decoded, can lead to the consumption of up to 31 bytes from the heap, potentially disclosing sensitive...

8.1CVSS5.6AI score0.00405EPSS

Tenable Nessus•added 2026/06/01 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srldecoder.c, srlreadobject and srlreadhash...

8.1CVSS5.5AI score0.00405EPSS

OSV•added 2026/06/01 12:0 a.m.•6 views

OPENSUSE-SU-2026:10924-1 perl-Sereal-Decoder-5.6.0-1.1 on GA media

These are all security issues fixed in the perl-Sereal-Decoder-5.6.0-1.1 package on the GA media of openSUSE Tumbleweed...

NVD•added 2026/05/31 8:16 p.m.•11 views

CVE-2026-8796

8.1CVSS0.00405EPSS

OSV•added 2026/05/31 8:16 p.m.•7 views

DEBIAN-CVE-2026-8796

Debian CVE•added 2026/05/31 7:43 p.m.•10 views

CVE-2026-8796

EUVD•added 2026/05/31 7:43 p.m.•14 views

EUVD-2026-33517

5.8AI score0.00405EPSS

Cvelist•added 2026/05/31 7:43 p.m.•27 views

CVE-2026-8796 Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input

0.00405EPSS

Vulnrichment•added 2026/05/31 7:43 p.m.•8 views

CVE-2026-8796 Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input

5.8AI score0.00405EPSS

ATTACKERKB•added 2026/05/31 7:43 p.m.•6 views

CVE-2026-8796

5.8AI score0.00405EPSS

CVE•added 2026/05/31 7:43 p.m.•18 views

CVE-2026-8796

CVE-2026-8796 affects Sereal::Decoder before 5.005 (Perl). A heap out-of-bounds read can be triggered via crafted input when decoding COPY back-references that re-decode as SHORT_BINARY tags, allowing an attacker-controlled COPY offset to skip bounds and read past the input. This may enable consu...

CNNVD•added 2026/05/31 12:0 a.m.•8 views

Sereal::Decoder 安全漏洞

Sereal::Decoder is a decoding module developed by YVES’s individual developers, designed for parsing high-performance binary serialization data formats. Versions of Sereal::Decoder prior to 5.005 contained security vulnerabilities; these vulnerabilities stemmed from heap out-of-bound access durin...

Fedora•added 2026/05/29 1:27 a.m.•14 views

[SECURITY] Fedora 43 Update: perl-Sereal-Decoder-5.005-1.fc43

This library implements a deserializer for an efficient, compact-output, and feature-rich binary protocol called Sereal...

Fedora•added 2026/05/29 1:13 a.m.•14 views

[SECURITY] Fedora 44 Update: perl-Sereal-5.005-1.fc44

Sereal is an efficient, compact-output, binary and feature-rich serialization protocol. The Perl encoder is implemented as the Sereal::Encoder module, the Perl decoder correspondingly as Sereal::Decoder. This Sereal module is a very thin wrapper around both Sereal::Encoder and Sereal::Decoder. It...

Tenable Nessus•added 2026/05/29 12:0 a.m.•62 views

Fedora 43 : perl-Sereal / perl-Sereal-Decoder / perl-Sereal-Encoder (2026-49c4be8260)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-49c4be8260 advisory. This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer. Tenable has extracted the preceding descriptio...

Tenable Nessus•added 2026/05/29 12:0 a.m.•11 views

Fedora 44 : perl-Sereal / perl-Sereal-Decoder / perl-Sereal-Encoder (2026-26bb3fe2c6)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-26bb3fe2c6 advisory. This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer. Tenable has extracted the preceding descriptio...

Tenable Nessus•added 2026/04/03 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2024-14030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sereal::Decoder versions from 4.000 through 4.009002 for Perl embeds a vulnerable version of the Zstandard library. Sereal::Decoder embeds a version of the...

8.1CVSS6AI score0.01424EPSS