
CVE-2026-40198 (category: Net)

EUVD ID: EUVD-2026-21609 · Severity: HIGH
Improper Validation of Syntactic Correctness of Input (CWE-1286)
Published 2026-04-10 · 9b29abf9-4ab0-4765-b253-1875cd9b441e
CVSS 3.1 (NVD): 7.5

Severity by source

NVD (primary): 7.5 HIGH, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
SUSE: HIGH (qualitative rating)

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: None

Lifecycle Timeline (8 events)

Re-analysis Queued | Apr 21, 2026 18:52 | vuln.today | cvss_changed
Analysis Updated | Apr 16, 2026 05:57 | EUVD-patch-fix | executive_summary
Re-analysis Queued | Apr 16, 2026 05:29 | backfill_euvd_patch | patch_released
Patch available | Apr 16, 2026 05:29 | EUVD | 0.23
Analysis Generated | Apr 15, 2026 12:29 | vuln.today
CVSS changed | Apr 13, 2026 15:22 | NVD | 7.5 (HIGH)
EUVD ID Assigned | Apr 10, 2026 22:22 | euvd | EUVD-2026-21609
CVE Published | Apr 10, 2026 22:16 | nvd | N/A

Description (CVE.org)

Net::CIDR::Lite versions before 0.23 for Perl do not validate the IPv6 group count, which may allow IP ACL bypass.

_pack_ipv6() does not check that uncompressed IPv6 addresses (without ::) have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of wrong length (3, 7, or 15 bytes instead of 17).

The packed values are used internally for mask and comparison operations. find() and bin_find() use Perl string comparison (lt/gt) on these values, and comparing strings of different lengths gives wrong results. This can cause find() to incorrectly report an address as inside or outside a range.

Example:

    use Net::CIDR::Lite;
    my $cidr = Net::CIDR::Lite->new("::/8");
    $cidr->find("1:2:3");    # invalid input, incorrectly returns true

This is the same class of input validation issue as CVE-2021-47154 (IPv4 leading zeros) previously fixed in this module.

See also CVE-2026-40199, a related issue in the same function affecting IPv4 mapped IPv6 addresses.
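The description above explains the defect in two parts: a missing group-count check, and range tests that do Perl string comparison on packed values of unequal length. The following script is an added example written for this page, not code from Net::CIDR::Lite or its authors. It shows a strict IPv6 syntax check that an application can run before calling an ACL lookup, and a deliberately simplified model of the packing and comparison so the length problem is visible. The names pack_ipv6_lenient, bounds_slash64, in_range_by_string_compare and guarded_in_range, the "1 marker byte + 16 address bytes" layout used to reproduce the 3/7/15/17-byte lengths, and the 1:2:3:4::/64 sample range are all assumptions made for the demonstration and do not describe the module's internals.

```perl
#!/usr/bin/perl
# Added example (not code from Net::CIDR::Lite): a strict IPv6 syntax check
# to run before handing an address to an ACL lookup, plus a simplified model
# of why a wrong-length packed value breaks string comparison.
use strict;
use warnings;

# Returns 1 if $ip is a syntactically valid IPv6 literal, else 0.
# Rule: without "::" there must be exactly 8 groups; with a single "::"
# there must be at most 7 written groups. Groups are 1-4 hex digits.
# Simplification: IPv4-mapped tails ("::ffff:1.2.3.4") and zone ids are
# rejected here rather than parsed.
sub is_valid_ipv6 {
    my ($ip) = @_;
    return 0 unless defined $ip;
    my $grp = qr/[0-9a-fA-F]{1,4}/;
    my $seq = qr/$grp(?::$grp)*/;
    if ($ip =~ /::/) {
        return 0 if $ip =~ /::.*::/;             # "::" may appear only once
        my ($l, $r) = split /::/, $ip, -1;       # -1 keeps an empty tail
        return 0 unless $l eq '' || $l =~ /^$seq$/;
        return 0 unless $r eq '' || $r =~ /^$seq$/;
        my $written = () = $ip =~ /$grp/g;       # groups actually written
        return $written <= 7 ? 1 : 0;            # "::" stands for >= 1 group
    }
    return $ip =~ /^$grp(?::$grp){7}$/ ? 1 : 0;  # exactly 8 groups
}

# Hypothetical lenient packer modelling the flaw the advisory describes:
# it packs however many groups it was given, so "1:2:3" becomes 7 bytes
# instead of the 17 bytes (1 marker byte + 16 address bytes) that a full
# address produces. Compressed ("::") forms are not handled in this model.
sub pack_ipv6_lenient {
    my ($ip) = @_;
    my @groups = map { hex } split /:/, $ip;
    return pack('C n*', 0, @groups);
}

# Range bounds for a /64 built from its first four groups: lower = network,
# upper = network with the host half set to all ones. Constructed for the demo.
sub bounds_slash64 {
    my ($network_prefix) = @_;            # e.g. "1:2:3:4"
    my $net = pack('C n*', 0, map { hex } split /:/, $network_prefix);
    return ($net . ("\x00" x 8), $net . ("\xff" x 8));
}

# The comparison style the advisory describes: Perl string ge/le on packed
# values. Only meaningful when both sides have the same length.
sub in_range_by_string_compare {
    my ($packed, $lo, $hi) = @_;
    return ($packed ge $lo && $packed le $hi) ? 1 : 0;
}

# Guarded lookup: refuse to compare anything that is not a well-formed
# address, so a malformed literal is never reported inside or outside.
sub guarded_in_range {
    my ($ip, $lo, $hi) = @_;
    return undef unless is_valid_ipv6($ip);
    return in_range_by_string_compare(pack_ipv6_lenient($ip), $lo, $hi);
}

my ($lo, $hi) = bounds_slash64("1:2:3:4");      # 1:2:3:4::/64

# A full address inside the /64 compares correctly (17 bytes vs 17 bytes).
printf "%-22s valid=%d len=%2d in_range=%d\n", $_, is_valid_ipv6($_),
    length(pack_ipv6_lenient($_)),
    in_range_by_string_compare(pack_ipv6_lenient($_), $lo, $hi)
    for "1:2:3:4:0:0:0:9";

# The same prefix with groups missing packs to 9 bytes; as a string it sorts
# before the 17-byte lower bound, so it is reported outside the range even
# though 1:2:3:4:: is inside it. On a denylist that is a bypass; the other
# malformed inputs from the advisory give equally arbitrary answers.
for my $bad ("1:2:3:4", "abcd", "1:2:3", "1:2:3:4:5:6:7") {
    my $p = pack_ipv6_lenient($bad);
    printf "%-22s valid=%d len=%2d in_range=%d guarded=%s\n", $bad,
        is_valid_ipv6($bad), length $p,
        in_range_by_string_compare($p, $lo, $hi),
        defined guarded_in_range($bad, $lo, $hi) ? 'compared' : 'rejected';
}
```

Run it with `perl` on any system; it has no dependencies beyond core Perl. The useful pattern for an application that cannot upgrade immediately is guarded_in_range: validate the literal first and treat a malformed one as an error rather than passing it to a range test, since the advisory notes the wrong answer can go either way (inside or outside) depending on how the short packed string sorts against the bounds.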

Analysis (AI-generated)

IPv6 address validation bypass in Net::CIDR::Lite for Perl (versions <0.23) allows remote attackers to circumvent IP access control lists without authentication. The _pack_ipv6() function fails to validate that uncompressed IPv6 addresses contain exactly 8 hexadecimal groups, accepting malformed inputs like 'abcd' or '1:2:3' and producing incorrect packed representations. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Craft malformed IPv6 address with incorrect group count
Exploit: Pass to Net::CIDR::Lite parsing function
Execution: Generate incorrectly-packed binary value
Impact: Bypass IP ACL checks via string comparison

Vulnerability Assessment (AI-generated)

Exploitation: Application must use Net::CIDR::Lite versions before 0.23 for Perl to validate IPv6 addresses in access control lists or IP filtering logic. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment: Real-world exploitation risk is moderate despite the 7.5 CVSS score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario: An attacker identifies a web application firewall or API gateway written in Perl that uses Net::CIDR::Lite <0.23 to enforce IP allowlists for administrative endpoints. The
Remediation: Upgrade Net::CIDR::Lite to version 0.23 or later, which includes validation to ensure IPv6 addresses contain exactly 8 hexadecimal groups when not using double-colon compression. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended Action (AI-generated)

Within 24 hours: Inventory all systems running Net::CIDR::Lite (Perl modules) and identify applications using IPv6 ACL validation. …



Vendor Status

SUSE

Severity: High
Product Status:
SUSE Linux Enterprise Module for Development Tools 15 SP7: Affected
SUSE Linux Enterprise Server 15 SP7: Affected
SUSE Linux Enterprise Desktop 15 SP7: Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP7: Affected
SUSE Linux Enterprise High Performance Computing 15 SP7: Affected


CVE-2026-40198 vulnerability details – vuln.today
