SecAlerts
CVE ListPricingSign Up
perl logo

perl

Security Risk Profile

42
/100
medium

Security Risk Score

Comprehensive risk assessment based on 153 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from December 31, 1999 to present

153
Total CVEs
50
Critical+High
1
Exploited
12
Unpatched

Threat Assessment

Avg CVSS
6.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
12
Critical/High
Risk Level
42/100
medium
⚠️ 1 Active Exploits🆕 1Fresh (<7d)📈 1 in Last 30 Days

Severity Distribution

Critical
15
High
35
Medium
45
Low
10

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
2

Age Distribution

Common Weaknesses (CWE)

1
Buffer Overflow
35
2
Input Validation
9
3
Integer Overflow
7
4
Race Condition
6
5
Weak RNG
3

Most Affected Products

1. Perl Perl848
2. Dan Kogai Encode Module118
3. Mark Stosberg Data\72
4. Perl pcre52
5. Canonical Ubuntu Linux50

Recent Vulnerabilities

See more →
CVE-2026-8376
unknown

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds

5/25/2026
https://seclists.org/oss-sec/2026/q1/408
unknown

CVE-2026-4176: Perl versions from 5.9.4 befo5.40.4-RC1, from 5.41.0 befo5.42.2-RC1, from 5.43.0 befo5.43.9 contain a vulnerable version of Compss::Raw::Zlib

3/30/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q1/407
unknown

CVE-2026-4176: Perl versions from 5.9.4 befo5.40.4-RC1, from 5.41.0 befo5.42.2-RC1, from 5.43.0 befo5.43.9 contain a vulnerable version of Compss::Raw::Zlib

3/29/2026🔧 No Patch
CVE-2026-4176
CVSS 9.8EPSS 0%critical

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib

3/29/2026
CVE-2025-11683
CVSS 6.5medium

YAML::Syck versions before 1.36 for Perl has missing Null-Terminators which causes Out-of-Bounds Read and potential Information Disclosure

10/16/2025
RHSA-2025:17430
CVSS 4.0medium

Moderate: perl-JSON-XS security update

10/7/2025
RHSA-2025:17162
unknown

Moderate: perl-JSON-XS security update

10/1/2025
RHSA-2025:17163
unknown

Moderate: perl-JSON-XS security update

10/1/2025
CVE-2024-58040
CVSS 9.1critical

Crypt::RandomEncryption for Perl uses insecure rand() function during encryption

9/29/2025🔧 No Patch
REDHAT-BUG-2393878
CVSS 4.0medium
9/8/2025🔧 No Patch

Monitor perl in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.