Skip to main content

Crypt CVE-2026-2597

HIGH
Heap-based Buffer Overflow (CWE-122)
2026-02-27 9b29abf9-4ab0-4765-b253-1875cd9b441e
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 27, 2026 - 00:16 nvd
HIGH 7.5

DescriptionCVE.org

Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes().

The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1) is supplied, the expression length + 1u causes an integer wraparound, resulting in a zero-byte allocation. The subsequent call to chosen random function (e.g. getrandom) passes the original negative value, which is implicitly converted to a large unsigned value (typically SIZE_MAX). This can result in writes beyond the allocated buffer, leading to heap memory corruption and application crash (denial of service).

In common usage, the length argument is typically hardcoded by the caller, which reduces the likelihood of attacker-controlled exploitation. Applications that pass untrusted input to this parameter may be affected.

AnalysisAI

Heap buffer overflow in Crypt::SysRandom::XS before version 0.010 allows denial of service through negative length parameter validation bypass in the random_bytes() function. When negative values are passed to the function, integer wraparound causes incorrect memory allocation and unbounded writes to heap memory, triggering application crashes. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Call random_bytes() with negative length parameter
Exploit
Integer wraparound causes zero-byte allocation
Execution
Getrandom writes SIZE_MAX bytes
Impact
Heap buffer overflow corrupts memory

Vulnerability AssessmentAI

Exploitation Perl application using Crypt::SysRandom::XS versions before 0.010 must call random_bytes() function with attacker-controlled or negative length parameter values without input validation. Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 7.5 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker could exploit this vulnerability to writes beyond the allocated buffer, leading to heap memory corruption and applic.
Remediation Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems and applications using Crypt::SysRandom::XS and document current versions in use. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Crypt

View all
CVE-2026-30909 CRITICAL
9.8 Mar 08

Perl Crypt::NaCl::Sodium module through 2.002 has potential integer overflows in cryptographic operations that could wea

CVE-2026-2588 CRITICAL
9.1 Feb 23

Integer overflow in Crypt::NaCl::Sodium Perl module through version 2.001 on 32-bit systems. The Sodium.xs binding casts

CVE-2026-9265 CRITICAL
9.1 Jun 20

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print_attribute UTF8STRING path. print_

CVE-2026-30910 HIGH
7.5 Mar 08

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined

CVE-2026-5086 HIGH
7.5 Apr 13

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuff

CVE-2026-6659 HIGH
7.5 May 08

Weak salt generation in Crypt::PasswdMD5 (Perl) through version 1.42 enables password hash cracking via predictable rand

CVE-2026-9638 HIGH
7.5 Jun 12

Predictable salt generation in the Perl Crypt::PBKDF2 module before version 0.261630 weakens the cryptographic strength

CVE-2026-8704 MEDIUM
6.5 May 15

File overwrite and information disclosure in Crypt::DSA through version 1.19 for Perl expose systems where user-controll

CVE-2026-8463 MEDIUM
5.3 May 13

Heap out-of-bounds read in Crypt::Argon2 for Perl (versions 0.017 through 0.030) exposes applications to process crash o

CVE-2026-9641 MEDIUM
5.3 Jun 12

Crypt::PBKDF2 for Perl prior to version 0.261630 ships with critically weak password-hashing defaults - HMAC-SHA1 as the

CVE-2026-14570
Jul 05

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, lead

CVE-2024-58040 CRITICAL
9.1 Sep 30

Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption. Rated critical severity (

Share

CVE-2026-2597 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy