CVE-2026-60082 in DBI
Riassunto
di MITRE • 14/07/2026
DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row.
When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array index.
This could be triggered by a caller supplying inconsistent metadata and rows to the prepare method.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.