CVE-2026-5089
Essential information
- Published
- 12/05/2026 17:16
- Modified
- 12/05/2026 19:16
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
YAML::Syck versions before 1.38 for Perl has an out-of-bounds read.
The base60 (sexagesimal) parsing code in perl_syck.h has a buffer underflow bug in both int#base60 and float#base60 handlers. When processing the leftmost segment of a colon-separated value (e.g., the 1 in 1:30:45), the inner while loop can decrement a pointer past the start of the string buffer:
while ( colon >= ptr && *colon != ':' )
{
colon--;
}
if ( *colon == ':' ) *colon = '\0'; // colon may be ptr-1 here
When no colon is found (final/leftmost segment), colon becomes ptr-1, and the subsequent *colon dereference reads one byte before the allocated buffer.
NVD status
- Status
- Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- 9b29abf9-4ab0-4765-b253-1875cd9b441e
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| yaml / syck | cpe:2.3:a:yaml:syck:<1.38:*:*:*:*:*:*:* |
| perl / perl | cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:* |