CVE-2026-45191
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Exploitability: 3.9 / Impact: 2.5
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass.
Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value.
See also CVE-2026-45190.
References (3)
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Timeline
No history available yet.