Out-of-bounds Read in Tpoder Net::ip::lpm

CVE-2026-56015

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add() passes the prefix string to the trie builder addPrefixToTrie() without checking it against the address width. addPrefixToTr…

Vulnerability class: Buffer Overflow

Affected products

Weakness classification (CWE)

References