PT-2026-39539 · Stigtsp · Net-Cidr-Lite
Published
2026-05-10
·
Updated
2026-05-10
·
CVE-2026-45191
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass.
Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value.
See also CVE-2026-45190.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Net-Cidr-Lite