CVE-2026-41565

🗓️ 29 May 2026 00:00:00Reported by ubuntu.comType

CVE-2026-41565: CryptX before 0.088_001 has a stack overflow in four decrypt_verify helpers due to attacker controlled tag length.

Reporter	Title	Published	Views	Family All 24
ATTACKERKB	CVE-2026-41565	28 May 202614:13	–	attackerkb
Amazon	Important: perl-CryptX	22 Jun 202600:00	–	amazon
Circl	CVE-2026-41565	28 May 202617:08	–	circl
CNNVD	CryptX 安全漏洞	28 May 202600:00	–	cnnvd
CVE	CVE-2026-41565	28 May 202614:13	–	cve
Cvelist	CVE-2026-41565 CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers	28 May 202614:13	–	cvelist
Debian CVE	CVE-2026-41565	28 May 202614:13	–	debiancve
EUVD	EUVD-2026-32906	28 May 202614:13	–	euvd
Fedora	[SECURITY] Fedora 44 Update: perl-CryptX-0.089-1.fc44	7 Jun 202600:57	–	fedora
Fedora	[SECURITY] Fedora 43 Update: perl-CryptX-0.089-1.fc43	7 Jun 202601:07	–	fedora

OS	OS Version	Architecture	Package	Filename
Ubuntu	18.04	any	libcryptx-perl	libcryptx-perl_0_any.deb
Ubuntu	20.04	any	libcryptx-perl	libcryptx-perl_0_any.deb
Ubuntu	22.04	any	libcryptx-perl	libcryptx-perl_0_any.deb
Ubuntu	24.04	any	libcryptx-perl	libcryptx-perl_0_any.deb
Ubuntu	25.10	any	libcryptx-perl	libcryptx-perl_0_any.deb
Ubuntu	26.04	any	libcryptx-perl	libcryptx-perl_0_any.deb

Source	Link
cve	www.cve.org/CVERecord
lists	www.lists.security.metacpan.org/cve-announce/msg/40477993/
github	www.github.com/DCIT/perl-CryptX/commit/57e69e541b0718ca8724c2f61514322a2d859bc1.patch
github	www.github.com/DCIT/perl-CryptX/commit/7e56347d420aaf43b2ee1586f4a230492ccf1642.patch
metacpan	www.metacpan.org/release/MIK/CryptX-0.088_001
openwall	www.openwall.com/lists/oss-security/2026/05/28/10

02 Jun 2026 08:47Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.17.5

EPSS0.00494

SSVC