PT-2025-27144 · Unknown · Net::IP::LPM

Published: 2025-06-27 · Updated: 2025-06-27 · CVE-2025-40910

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Net::IP::LPM version 1.10

Description: Net::IP::LPM does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, so the confusion can affect users who intentionally use octal notation as well as users who believe they are using decimal notation.

Recommendations: For Net::IP::LPM version 1.10, consider updating to a version that properly handles leading zero characters in IP CIDR address strings to prevent potential access control bypass. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
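
While no fixed release is known, callers can refuse ambiguous input before it reaches the matching library. The Perl sketch below is an added example, not code from Net::IP::LPM or from this advisory: it accepts only IPv4 CIDR strings without leading zeros and, for rejected input, prints the decimal and octal readings that disagree. The sub names `strict_ipv4_cidr` and `readings` are hypothetical and the sample inputs are constructed.

```perl
#!/usr/bin/perl
# Added example: strict IPv4 CIDR check to run before a prefix or address
# is handed to an IP-matching library. Sub names are hypothetical.
use strict;
use warnings;

# Return the canonical "a.b.c.d/len" string, or nothing (undef in scalar
# context) when the input is ambiguous (leading zeros) or malformed.
sub strict_ipv4_cidr {
    my ($s) = @_;
    return unless defined $s;
    my ($addr, $len) = $s =~ m{\A([0-9.]+)(?:/([0-9]+))?\z} or return;
    my @octets = split /\./, $addr, -1;   # -1 keeps trailing empty fields
    return unless @octets == 4;
    for my $o (@octets) {
        # "0" is fine; "010" or "00" is rejected instead of guessed at.
        return unless $o =~ /\A(?:0|[1-9][0-9]{0,2})\z/ && $o <= 255;
    }
    $len = 32 unless defined $len;        # bare address means a /32 host
    return unless $len =~ /\A(?:0|[1-9][0-9]?)\z/ && $len <= 32;
    return join('.', @octets) . "/$len";
}

# The two readings of one dotted quad: every octet as decimal, versus
# leading-zero octets as octal (the inet_aton convention).
sub readings {
    my ($addr) = @_;
    my @o   = split /\./, $addr;
    my $dec = join '.', map { $_ + 0 } @o;
    my $oct = join '.', map { /\A0[0-7]+\z/ ? oct($_) : $_ + 0 } @o;
    return ($dec, $oct);
}

# Constructed sample inputs.
for my $in ('10.0.0.0/8', '010.0.0.0/8', '192.168.010.1', '10.0.0.1/08') {
    my $ok = strict_ipv4_cidr($in);
    if (defined $ok) {
        print "accept $in -> $ok\n";
    } else {
        my ($addr) = split m{/}, $in;
        my ($dec, $oct) = readings($addr);
        print "reject $in (decimal reading $dec, octal reading $oct)\n";
    }
}
```

Apply the same check to both the prefixes loaded into the table and the addresses looked up, so that neither side of the comparison depends on how leading zeros are interpreted.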

Related Identifiers

CVE-2025-40910

Affected Products

Net::IP::LPM