CVE-2026-9698

HIGH 7.5

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer

CVSS Score

7.5

EPSS Score

0.0%

EPSS Percentile

4th

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a buffer overflow.

CWE	CWE-787
Vendor	hmbrand
Product	dbi
Published	Jun 9, 2026
Last Updated	Jun 9, 2026

Stay Ahead of the Next One

Get instant alerts for hmbrand dbi

Be the first to know when new high vulnerabilities affecting hmbrand dbi are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

HMBRAND / DBI

0 < 1.648

References

NVD ↗ CVE.org ↗ EPSS Data ↗

metacpan.org: https://metacpan.org/release/HMBRAND/DBI-1.648/changes github.com: https://github.com/perl5-dbi/dbi/commit/bfe5d73c162d2d1f761a639a0aa33aad6a9eb54e.patch openwall.com: http://www.openwall.com/lists/oss-security/2026/06/09/9