What is the CVSS score of CVE-2026-8796?

CVE-2026-8796 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of Sereal::Decoder are affected by CVE-2026-8796?

Sereal-Decoder for Perl versions before 5.005 contain a heap memory leak vulnerability allowing remote attackers to extract up to 31 bytes of sensitive data from application memory by processing…. A patch is available.

Sereal::Decoder CVE-2026-8796

EUVD-2026-33517 HIGH

Out-of-bounds Read (CWE-125)

2026-05-31 9b29abf9-4ab0-4765-b253-1875cd9b441e

GHSA-xhpj-269v-vq2q

Buffer Overflow Information Disclosure Suse

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Lifecycle Timeline

Source Code Evidence Fetched

Jun 01, 2026 - 19:26 vuln.today

Analysis Generated

Jun 01, 2026 - 19:26 vuln.today

CVSS changed

Jun 01, 2026 - 19:22 NVD

8.1 (HIGH)

Patch available

May 31, 2026 - 21:01 EUVD

CVE Published

May 31, 2026 - 20:16 nvd

UNKNOWN (no severity yet)

DescriptionNVD

Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input.

In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() process a COPY tag, a back-reference whose target byte the decoder re-decodes as a fresh tag. When that target byte matches the SHORT_BINARY pattern (an inline string whose length is encoded in the low bits of the tag), the resulting read is not bounded to precede the COPY tag's own offset and can run past the end of the input buffer. An attacker controlled COPY offset can land inside a previously decoded value rather than on a tag boundary, planting a byte that the decoder reads as a SHORT_BINARY tag and consuming up to 31 following bytes from the heap as a class name (OBJECT path) or hash key (HASH path).

AnalysisAI

Heap out-of-bounds read in Sereal::Decoder for Perl before version 5.005 allows remote attackers to leak up to 31 bytes of adjacent heap memory when a victim application decodes attacker-controlled Sereal-encoded data. The flaw lives in COPY tag handling within srl_read_object() and srl_read_hash(), where a crafted COPY offset can redirect the decoder to mid-value bytes that are then re-interpreted as a SHORT_BINARY tag without bounds checking against the COPY tag's own offset. …

RemediationAI

24 hours: Audit all systems using Sereal-Decoder for Perl and document current versions in use. 7 days: Upgrade Sereal-Decoder to version 5.005 or later in staging environments and validate application functionality. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-5422 HIGH This Week

8.1 Jun 02

Path traversal in Jupyter Server 2.17.0 allows authenticated users to read and write files in sibling directories outsid

CVE-2026-43958 HIGH This Week

7.8 Jun 01

Stack-based buffer overflow in rrdcached (the caching daemon for rrdtool) allows a local attacker with socket access to

CVE-2026-50031 HIGH This Week

7.5 Jun 03

Denial of service in FreeIPMI versions before 1.16.18 allows remote attackers to crash the ipmi-oem client by sending ma

CVE-2026-42504 HIGH This Week

7.5 Jun 02

Algorithmic complexity denial of service in the Go standard library's mime package allows remote unauthenticated attacke

CVE-2026-48827 HIGH This Week

7.1 May 30

Path traversal in the org.apache.sshd:sshd-git component of Apache MINA SSHD allows authenticated remote attackers to re

Vendor StatusVendor

CVE-2026-8796 vulnerability details – vuln.today

Back