Buffer Overflow Risk in DBI for Perl by HMBRAND
CVE-2026-9698

7.5HIGH

Key Information:

Vendor

Hmbrand

Status
Vendor
CVE Published:
9 June 2026

What is CVE-2026-9698?

Versions of DBI for Perl prior to 1.648 contain a vulnerability where error messages generated when RaiseError, PrintError, or HandleError are activated are stored in a fixed-size 200-byte buffer without any additional length checks. This oversight can allow attackers to exploit the system by injecting malicious text into the error handling process, potentially leading to a buffer overflow. Such an overflow can enable unauthorized access or execution of arbitrary code. It is critical for users to upgrade to version 1.648 or later to mitigate this security risk.

Affected Version(s)

DBI 0 < 1.648

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.