CVE-2026-4176: Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib

Overview

Severity
Critical (CVSS 9.8)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit Status
Not Exploited
Patch Tuesday
2026-Mar
Released
2026-04-01
Last Updated
2026-04-15
EPSS Score
0.03% (percentile: 7.6%)

Affected Products (62)

Open Source Software

  • cbl2 binutils 2.37-20 on CBL Mariner 2.0
  • cbl2 boost 1.76.0-4 on CBL Mariner 2.0
  • cbl2 ceph 16.2.10-11 on CBL Mariner 2.0
  • cbl2 cloud-hypervisor 32.0-7 on CBL Mariner 2.0
  • cbl2 cloud-hypervisor-cvm 38.0.72.2-5 on CBL Mariner 2.0
  • azl3 binutils 2.41-10 on Azure Linux 3.0
  • azl3 boost 1.83.0-2 on Azure Linux 3.0
  • cbl2 freetype 2.13.1-2 on CBL Mariner 2.0
  • azl3 ceph 18.2.2-12 on Azure Linux 3.0
  • cbl2 gcc 11.2.0-9 on CBL Mariner 2.0
  • azl3 crash 9.0.0-1 on Azure Linux 3.0
  • azl3 freetype 2.13.2-2 on Azure Linux 3.0
  • azl3 gdb 13.2-6 on Azure Linux 3.0
  • cbl2 keras 2.11.0-3 on CBL Mariner 2.0
  • cbl2 mariadb 10.6.25-1 on CBL Mariner 2.0
  • cbl2 nmap 7.93-4 on CBL Mariner 2.0
  • cbl2 nss 3.75-2 on CBL Mariner 2.0
  • cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0
  • cbl2 python-tensorflow-estimator 2.11.0-2 on CBL Mariner 2.0
  • azl3 mariadb 10.11.16-1 on Azure Linux 3.0
  • azl3 mariadb-connector-c 3.3.8-3 on Azure Linux 3.0
  • azl3 nmap 7.95-3 on Azure Linux 3.0
  • azl3 nodejs24 24.13.0-3 on Azure Linux 3.0
  • azl3 nss 3.96.1-3 on Azure Linux 3.0
  • cbl2 qt5-qtbase 5.12.11-19 on CBL Mariner 2.0
  • azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0
  • cbl2 rubygem-mini_portile2 2.8.0-1 on CBL Mariner 2.0
  • cbl2 rust 1.72.0-15 on CBL Mariner 2.0
  • cbl2 sudo 1.9.17-1 on CBL Mariner 2.0
  • cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0
  • azl3 rubygem-mini_portile2 2.8.4-1 on Azure Linux 3.0
  • azl3 rust 1.75.0-27 on Azure Linux 3.0
  • azl3 rust 1.90.0-6 on Azure Linux 3.0
  • azl3 tensorflow 2.16.1-11 on Azure Linux 3.0
  • azl3 perl 5.38.2-509 on Azure Linux 3.0
  • cbl2 perl 5.34.1-491 on CBL Mariner 2.0

Other

  • 20600-17086
  • 21145-17086
  • 21154-17084
  • 20598-17086
  • 21119-17084
  • 21095-17084
  • 17438-17086
  • 21155-17086
  • 21130-17086
  • 21135-17084
  • 19847-17084
  • 21156-17084
  • 21111-17084
  • 20706-17086
  • 20732-17084
  • 21200-17084
  • 21201-17084
  • 21192-17084

Mariner

  • cbl2 grpc 1.42.0-11 on CBL Mariner 2.0
  • azl3 gcc 13.2.0-7 on Azure Linux 3.0
  • azl3 grpc 1.62.3-1 on Azure Linux 3.0
  • cbl2 tcl 8.6.13-3 on CBL Mariner 2.0
  • azl3 qtbase 6.6.3-4 on Azure Linux 3.0
  • cbl2 zlib 1.2.13-2 on CBL Mariner 2.0
  • azl3 sudo 1.9.17-1 on Azure Linux 3.0
  • azl3 tcl 8.6.13-3 on Azure Linux 3.0

Revision History

  • 2026-04-01: Information published.
  • 2026-04-02: Information published.
  • 2026-04-14: Information published.
  • 2026-04-15: Information published.