Skip to content

Perl DBI Overflow Vulnerability - 20260709001

Overview

The WASOC has been made aware of a critical Perl DBI heap overflow Vulnerability when preparsing SQL statements with more than 9 binders, which can cause memory corruption and an adversary can modify control data such as return addresses in order to execute unexpected code.

What is vulnerable?

Product(s) Affected Version(s) CVE CVSS Severity
Perl DBI Version before 1.648 CVE-2026-10879 9.8 Critical

What has been observed?

The WASOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.

Recommendation

The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):