Home / Vulnerability Intelligence / CVE-2026-3257

CVE-2026-3257 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 5, 2026

UnQLite Perl - Buffer Overflow

Published: March 5, 2026Updated: March 5, 2026Remote Exploitable

Overview

UnQLite for Perl <= 0.06 contains a heap-based overflow caused by embedding an outdated UnQLite library version from 2014, letting attackers potentially cause memory corruption, exploit requires crafted input.

Severity & Score

Severity: Critical

CVSS Score: 9.8

Impact

Attackers can cause memory corruption leading to potential code execution or denial of service.

Mitigation

Update to the latest version of UnQLite for Perl that includes an updated UnQLite library.

References

https://metacpan.org/release/TOKUHIROM/UnQLite-0.07/source/Changes
https://unqlite.symisc.net/
https://www.cve.org/CVERecord?id=CVE-2025-3791

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-3257
Severity: Critical
CVSS Score: 9.8
Type: buffer_overflow
Status: unconfirmed

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H