Description
DBI versions before 1.648 for Perl saved errors in a limited-sized buffer.

Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit.

Attackers that can influence the error text in an application can trigger a buffer overflow.
Published: 2026-06-09
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw arises because DBI versions before 1.648 write error messages, including those generated by RaiseError, PrintError, or HandleError, into a fixed 200‑byte buffer without checking the length of the message. If an attacker can influence the content of an error message, the overflow can corrupt adjacent memory, potentially allowing the attacker to execute arbitrary code. The vulnerability arises from both uncontrolled string handling (CWE‑120) and an unchecked buffer overflow (CWE‑787). The product’s documentation indicates that any application leveraging DBI that can accept attacker‑controlled input could be vulnerable. The presence of these weaknesses means that compromised privilege boundaries could be broken and the system or process may be taken over.

Affected Systems

All installations of the Perl DBI library older than version 1.648 are affected. This includes every project or application that bundles an earlier DBI release, regardless of distribution or operating system. The specific vendor listed is HMBRAND, with the library name DBI.

Risk and Exploitability

Because the attack vector requires an attacker capable of injecting or controlling error‑message text, exploitation is limited to contexts where the application accepts user input that can appear in error strings. The CVSS score is 7.5, indicating high severity, and the EPSS score is <1%, indicating a very low exploitation probability. The vulnerability is listed as not in the CISA KEV catalog. The potential impact of an exploit, however, remains high, as overriding a critical buffer could lead to remote code execution or a denial‑of‑service condition if the process crashes.

Generated by OpenCVE AI on June 17, 2026 at 23:32 UTC.

Remediation

Vendor Solution

Upgrade to DBI 1.648 or later.


OpenCVE Recommended Actions

  • Upgrade to DBI version 1.648 or later. It is the official fix provided by the vendor.
  • Ensure that any error message construction uses safe string handling functions and validate length to prevent buffer overflow or uncontrolled string errors.
  • Configure RaiseError, PrintError, and HandleError settings to disable automatic error printing, or limit the length of error messages so they are truncated before a buffer overflow can occur.

Generated by OpenCVE AI on June 17, 2026 at 23:32 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4649-1 libdbi-perl security update
Debian DSA Debian DSA DSA-6338-1 libdbi-perl security update
Ubuntu USN Ubuntu USN USN-8466-1 Perl DBI module vulnerabilities
History

Tue, 16 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
References
Metrics threat_severity

None

threat_severity

Important


Tue, 09 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Perl
Perl dbi
CPEs cpe:2.3:a:perl:dbi:*:*:*:*:*:*:*:*
Vendors & Products Perl
Perl dbi

Tue, 09 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
References

Tue, 09 Jun 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Hmbrand
Hmbrand dbi
Vendors & Products Hmbrand
Hmbrand dbi

Tue, 09 Jun 2026 07:45:00 +0000

Type Values Removed Values Added
Description DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a buffer overflow.
Title DBI versions before 1.648 for Perl saved errors in a limited-sized buffer
Weaknesses CWE-787
References

cve-icon MITRE

Status: PUBLISHED

Assigner: CPANSec

Published:

Updated: 2026-06-30T03:17:16.128Z

Reserved: 2026-05-27T12:06:43.461Z

Link: CVE-2026-9698

cve-icon Vulnrichment

Updated: 2026-06-09T11:03:32.648Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-09T08:16:29.190

Modified: 2026-06-09T17:20:05.550

Link: CVE-2026-9698

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-09T07:22:25Z

Links: CVE-2026-9698 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-17T23:45:13Z

Weaknesses
  • CWE-120

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

  • CWE-787

    Out-of-bounds Write