Skip to main content

IP CIDR CVE-2025-40910

| EUVDEUVD-2025-19330 MEDIUM
Improper Validation of Specified Type of Input (CWE-1287)
2025-06-27 9b29abf9-4ab0-4765-b253-1875cd9b441e
6.5
CVSS 3.1 · Vendor: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Share

Severity by source

Vendor (9b29abf9-4ab0-4765-b253-1875cd9b441e) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Primary rating from Vendor (9b29abf9-4ab0-4765-b253-1875cd9b441e) · only source for this CVE.

CVSS VectorVendor: 9b29abf9-4ab0-4765-b253-1875cd9b441e

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 16, 2026 - 00:16 euvd
EUVD-2025-19330
Analysis Generated
Mar 16, 2026 - 00:16 vuln.today
CVE Published
Jun 27, 2025 - 13:15 nvd
MEDIUM 6.5

DescriptionCVE.org

Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.

Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.

AnalysisAI

CVE-2025-40910 is a security vulnerability (CVSS 6.5) that allows attackers. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

Share

CVE-2025-40910 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy