Out-of-bounds Read in Shay Perl

CVE-2026-57432

Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack. S_measure_struct adds each item's size times its repeat count to a running total with no overflow check…

Vulnerability class: Buffer Overflow

Affected products

Weakness classification (CWE)

References