What is the CVSS score of EUVD-2026-30706?

EUVD-2026-30706 has a CVSS 3.1 base score of 8.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Net::Statsd::Tiny are affected by EUVD-2026-30706?

Net::Statsd::Tiny, a Perl monitoring library, contains a metric injection vulnerability (CVSS 8.2) that allows remote attackers to inject arbitrary metrics and forge telemetry data.. A patch is available.

Net::Statsd::Tiny EUVD-2026-30706

| CVE-2026-46720 HIGH

Improper Neutralization of CRLF Sequences ('CRLF Injection') (CWE-93)

2026-05-17 9b29abf9-4ab0-4765-b253-1875cd9b441e

GHSA-vqfg-jwcg-58ww

Code Injection

8.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

None

Lifecycle Timeline

Source Code Evidence Fetched

May 18, 2026 - 13:22 vuln.today

Analysis Generated

May 18, 2026 - 13:22 vuln.today

CVSS changed

May 18, 2026 - 13:22 NVD

8.2 (HIGH)

Patch available

May 17, 2026 - 19:01 EUVD

CVE Published

May 17, 2026 - 18:16 nvd

UNKNOWN (no severity yet)

DescriptionNVD

Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections.

The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics.

AnalysisAI

Metric injection in the Perl module Net::Statsd::Tiny before version 0.3.8 allows remote attackers to inject arbitrary statsd metrics by smuggling newline, colon, or pipe characters through untrusted metric names or set values. The CVSS 8.2 score reflects high integrity impact from forged telemetry, and while a vendor patch is available, no public exploit has been identified at time of analysis.

RemediationAI

Within 24 hours: Inventory all systems and applications using Net::Statsd::Tiny and prioritize by criticality. Within 7 days: Deploy Net::Statsd::Tiny version 0.3.8 or later to non-production environments and complete testing. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-30706 vulnerability details – vuln.today

Back

Net::Statsd::Tiny EUVD-2026-30706

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code