Inconsistent Statement Handle Enforcement in DBI by Perl
CVE-2026-60082

Currently unrated

Key Information:

Vendor

Hmbrand

Status
Vendor
CVE Published:
14 July 2026

What is CVE-2026-60082?

The DBI module for Perl prior to version 1.651 is susceptible to a vulnerability whereby it fails to enforce consistency between statement handles and the associated rows. This issue can occur when a statement handle with no defined fields interacts with a non-empty source row, which results in the internal buffer trying to access a negative array index. Such a condition may arise when callers provide contrasting metadata and rows during the preparation of statements, potentially leading to unexpected behaviors and compromising data integrity.

Affected Version(s)

DBI 0 < 1.651

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.