Buffer overflow in Toddr Yaml::syck

CVE-2026-4177

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (6.7th percentile) — read the EPSS interpretation.

Affected products

Toddr Yaml::syck — versions 0

Weakness classification (CWE)

CWE-122 — Heap-based Buffer Overflow

References

github.com/cpan-authors/YAML-Syck/commit/e8844a31c8cf0052914b198fc784ed4e6b8ae6… (patch)
metacpan.org/release/TODDR/YAML-Syck-1.37_01/changes (release-notes)