Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsStudyTraining
ProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Study
Training
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1310+ Articles
157+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
9 articles

#Perl

All CosmicBytez Labs articles tagged #Perl, across news, security advisories, how-to guides, and projects.

  • SecurityMay 27, 2026

    CVE-2026-8450: HTTP::Daemon Perl OS Command Injection via send_file()

    OS command injection (CVSS 9.1) in Perl's HTTP::Daemon lets attackers run arbitrary commands via magic prefix abuse in send_file's two-arg open().

  • SecurityMay 18, 2026

    CVE-2026-8507: Crypt::OpenSSL::PKCS12 Heap OOB Write — CVSS

    A critical heap out-of-bounds write vulnerability in Crypt::OpenSSL::PKCS12 for Perl (versions through 1.94) can be triggered by parsing a malformed...

  • SecurityApr 30, 2026

    CVE-2026-7381: Plack::Middleware::XSendfile

    A critical CVSS 9.1 vulnerability in Plack::Middleware::XSendfile versions through 1.0053 allows remote attackers to control the X-Sendfile-Type header,...

  • SecurityApr 22, 2026

    CVE-2017-20230: Perl Storable Stack Overflow — CVSS 10.0

    A stack overflow vulnerability in Perl's Storable module (versions before 3.05) stems from a signed/unsigned integer mismatch in retrieve_hook(), enabling...

  • SecurityApr 22, 2026

    CVE-2025-15638: Net::Dropbear Bundles Vulnerable

    Net::Dropbear versions before 0.14 for Perl ship with Dropbear 2019.78 or earlier, which includes libtomcrypt v1.18.1 — a library affected by two known...

  • SecurityApr 9, 2026

    CVE-2026-25776: Movable Type Critical Code Injection (CVSS

    Six Apart's Movable Type CMS contains a critical code injection vulnerability allowing unauthenticated attackers to execute arbitrary Perl scripts on...

  • SecurityApr 1, 2026

    CVE-2025-15618: Perl Payment Module Uses Insecure

    Business::OnlinePayment::StoredTransaction through version 0.01 for Perl generates its secret key using an MD5 hash of a single rand() call — a...

  • SecurityMar 30, 2026

    CVE-2026-4176: Perl Compress::Raw::Zlib Critical

    Perl versions 5.9.4 through 5.43.8 ship a vulnerable Compress::Raw::Zlib core module that inherits CVE-2026-3381 from a vendored zlib dependency. CVSS 9.8...

  • SecurityMar 17, 2026

    CVE-2026-4177: YAML::Syck Heap Buffer Overflow Enables

    A critical heap buffer overflow in YAML::Syck for Perl allows remote code execution through crafted YAML input that exceeds the 512-byte class name...