Heap Overflow Vulnerability in DBI for Perl
CVE-2026-14739
Currently unrated
What is CVE-2026-14739?
In DBI versions prior to 1.650, a vulnerability exists that leads to a heap overflow when preparsing SQL statements containing an extremely high number of placeholders. Previous fixes did not account for enough memory allocation needed for handling approximately 1.2 million placeholders, making systems susceptible to instability or exploitation. The corrected version, DBI 1.650, addresses this issue by imposing a hard limit of 99,999 placeholders, enhancing security against potential exploits that could arise from excessive memory consumption.
Affected Version(s)
DBI 0 < 1.650
