Perl DBI Overflow Vulnerability - 20260709001¶
Overview¶
The WASOC has been made aware of a critical Perl DBI heap overflow Vulnerability when preparsing SQL statements with more than 9 binders, which can cause memory corruption and an adversary can modify control data such as return addresses in order to execute unexpected code.
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| Perl DBI | Version before 1.648 | CVE-2026-10879 | 9.8 | Critical |
What has been observed?¶
The WASOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation¶
The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):