CVE-2026-45191

Published: Mag 10, 2026 Last Modified: Mag 10, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass.

Mask forms like '/00' and '/01' pass validation and parse to the same prefix as their unpadded value.

Improper Validation of Unsafe Equivalence in Input

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

All platforms may be affected

View CWE Details

https://github.com/stigtsp/Net-CIDR-Lite/commit/24e2c439ec4…

https://github.com/stigtsp/Net-CIDR-Lite/commit/24e2c439ec405e5256024b9acefd4f7…

https://metacpan.org/release/STIGTSP/Net-CIDR-Lite-0.24/cha…

https://metacpan.org/release/STIGTSP/Net-CIDR-Lite-0.24/changes

https://www.cve.org/CVERecord?id=CVE-2026-45190

CVE-2026-45191

Description

Improper Validation of Unsafe Equivalence in Input

Common Consequences

Applicable Platforms

Iscriviti alla newsletter