CVE-2026-10879: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

Overview

Severity

High (CVSS 8.6)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U

Exploit Status

Not Exploited

Patch Tuesday

2026-Jun

Released

2026-06-09

EPSS Score

0.05% (percentile: 16.6%)

Affected Products (1)

Open Source Software

• azl3 perl-DBI 1.643-3 on Azure Linux 3.0

Revision History

• 2026-06-09: Information published.