CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One (U+0661) were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.6%

CVSS Severity

CVSS v3 Score 6.5

References

https://metacpan.org/release/RRWO/Net-CIDR-Set-0.21/changes
https://nvd.nist.gov/vuln/detail/CVE-2025-40911

Products affected by CVE-2026-49940

Rrwo » Net: » Version: Any

cpe:2.3:a:rrwo:net:

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-49940

Products

Pricing

Contact Us