CVE-2026-60082

EUVD-2026-43729
DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row.

When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array index.

This could be triggered by a caller supplying inconsistent metadata and rows to the prepare method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
libdbi-perl
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
vulnerable
sid
vulnerable
trixie
vulnerable
trixie (security)
vulnerable