Buffer Overflow Risk in DBI for Perl by HMBRAND
CVE-2026-9698
7.5HIGH
What is CVE-2026-9698?
Versions of DBI for Perl prior to 1.648 contain a vulnerability where error messages generated when RaiseError, PrintError, or HandleError are activated are stored in a fixed-size 200-byte buffer without any additional length checks. This oversight can allow attackers to exploit the system by injecting malicious text into the error handling process, potentially leading to a buffer overflow. Such an overflow can enable unauthorized access or execution of arbitrary code. It is critical for users to upgrade to version 1.648 or later to mitigate this security risk.
Affected Version(s)
DBI 0 < 1.648
