Security Advisory

CVE-2026-8788

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-18 06:34:24

Last updated 2026-05-19 12:45:27

Assigner CPANSec

State PUBLISHED

Description

Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the set_add method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue CVE-2026-46719 for metric names.

← Browse all CVEs View on cve.org ↗