What is CVE-2026-46739?

CVE-2026-46739 is a medium-severity vulnerability in Cosimo Net::statsd, classified under CRLF Injection. CVSS score: 5.3/10. Published 2026-06-04.

How severe is CVE-2026-46739?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Cosimo Net::statsd

CVE-2026-46739

Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update_stats (used fo…

Vulnerability class: CRLF Injection

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Cosimo Net::statsd — versions 0

Weakness classification (CWE)

CWE-93 — CRLF Injection

References

9b29abf9-4ab0-4765-b253-1875cd9b441e (issue-tracking)
9b29abf9-4ab0-4765-b253-1875cd9b441e (related)
9b29abf9-4ab0-4765-b253-1875cd9b441e (related)

Frequently asked questions

What is CVE-2026-46739?: CVE-2026-46739 is a medium-severity vulnerability in Cosimo Net::statsd, classified under CRLF Injection. CVSS score: 5.3/10. Published 2026-06-04.
How severe is CVE-2026-46739?: Medium severity. CVSS v3 base score is 5.3 out of 10.