Search CVE reports


Toggle filters

1 – 10 of 1866 results


CVE-2026-60082

Medium priority
Needs evaluation

DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row. When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array...

1 affected package

libdbi-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libdbi-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-60081

Medium priority
Needs evaluation

DBI::ProfileData versions before 1.651 for Perl do not limit the path index. The path index column of profile dump files is used to allocate an array of data for the parser. An unbounded value allows an attacker to specify a large...

1 affected package

libdbi-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libdbi-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-15392

Medium priority
Needs evaluation

DBD::File versions before 1.651 for Perl do not ensure the table file is not a symlink to an untrusted location. The complete_table_name method builds the absolute table file path without checking whether the file is a symbolic...

1 affected package

libdbi-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libdbi-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-15043

Medium priority
Needs evaluation

DBI::SQL::Nano versions from 1.42 before 1.651 for Perl have inverted <= and >= SQL operators on text. DBI::SQL::Nano, DBI's built-in mini-SQL engine, evaluated WHERE predicates incorrectly in some cases. In the non-numeric string...

1 affected package

libdbi-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libdbi-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-14740

Medium priority
Needs evaluation

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of...

1 affected package

libdbi-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libdbi-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-14739

Medium priority
Needs evaluation

DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million...

1 affected package

libdbi-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libdbi-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-14380

Medium priority
Needs evaluation

DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute, DBI splits it into path, package and arguments, and interpolates the...

1 affected package

libdbi-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libdbi-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-46862

Medium priority

Some fixes available 5 of 10

Vulnerability in the MySQL Router product of Oracle MySQL (component: Router: General). Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with...

11 affected packages

mysql-5.5, mysql-5.7, mysql-8.0, mysql-8.4, mariadb...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mysql-5.5 Not in release Not in release Not in release
mysql-5.7 Not in release Not in release Not in release Ignored
mysql-8.0 Not in release Fixed Fixed Fixed
mysql-8.4 Fixed Not in release Not in release
mariadb Not affected Not affected Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Not affected
mariadb-10.3 Not in release Not in release Not in release Ignored
mariadb-10.6 Not in release Not in release Not affected
percona-xtradb-cluster-5.6 Not in release Not in release Not in release
percona-server-5.6 Not in release Not in release Not in release
Show all 11 packages Show less packages

CVE-2026-46863

Medium priority

Some fixes available 5 of 10

Vulnerability in the MySQL Server, MySQL Cluster product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are MySQL Server: 8.4.0-8.4.9, 9.0.0-9.7.0; MySQL Cluster: 8.0.11-8.0.46,...

11 affected packages

mysql-5.5, mysql-5.7, mysql-8.0, mysql-8.4, mariadb...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mysql-5.5 Not in release Not in release Not in release
mysql-5.7 Not in release Not in release Not in release Ignored
mysql-8.0 Not in release Fixed Fixed Fixed
mysql-8.4 Fixed Not in release Not in release
mariadb Not affected Not affected Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Not affected
mariadb-10.3 Not in release Not in release Not in release Ignored
mariadb-10.6 Not in release Not in release Not affected
percona-xtradb-cluster-5.6 Not in release Not in release Not in release
percona-server-5.6 Not in release Not in release Not in release
Show all 11 packages Show less packages

CVE-2026-46869

Medium priority
Ignored

Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Dump and Load). Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker...

11 affected packages

mysql-5.5, mysql-5.7, mysql-8.0, mysql-8.4, mariadb...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mysql-5.5 Not in release Not in release Not in release
mysql-5.7 Not in release Not in release Not in release Ignored
mysql-8.0 Not in release Not affected Not affected Not affected
mysql-8.4 Not affected Not in release Not in release
mariadb Not affected Not affected Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Not affected
mariadb-10.3 Not in release Not in release Not in release Ignored
mariadb-10.6 Not in release Not in release Not affected
percona-xtradb-cluster-5.6 Not in release Not in release Not in release
percona-server-5.6 Not in release Not in release Not in release
Show all 11 packages Show less packages