Integer overflow in Shay Perl

CVE-2026-13221

Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perl_study_chunk. When such branches are combined into a trie, the…

Vulnerability class: Integer Overflow

Affected products

Weakness classification (CWE)

References