Storable
CVE-2026-57433
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (CPANSec) · only source for this CVE.
CVSS VectorVendor: CPANSec
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record.
retrieve_hook_common reads a signed 32-bit item count from an SX_HOOK record and calls av_extend with that count plus one. A count of I32_MAX wraps the addition to a negative value.
A crafted blob passed to thaw or retrieve triggers the overflow; av_extend receives the negative count and dies with a panic, terminating the deserialization.
AnalysisAI
Denial-of-service in the Storable module for Perl (versions before 3.41) allows remote attackers to abort deserialization by supplying a crafted SX_HOOK record whose item count equals I32_MAX. The signed 32-bit count plus one wraps to a negative value, which av_extend rejects with a fatal panic, terminating any thaw() or retrieve() call on attacker-controlled data. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Recommended ActionAI
Within 24 hours, audit all systems and applications using Perl's Storable module to identify those running versions before 3.41. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Deserialization
View allShare
External POC / Exploit Code
Leaving vuln.today