PT-2026-39539 · Cpan+2 · Net-Cidr-Lite+2

Stig Tsp

+1

·

Published

2026-05-10

·

Updated

2026-06-18

·

CVE-2026-45191

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions Net::CIDR::Lite versions prior to 0.24
Description Improper validation of CIDR mask values allows extraneous zero characters to be processed. Mask forms such as "/00" and "/01" pass validation and are parsed as the same prefix as their unpadded equivalents, which may lead to an IP Access Control List (ACL) bypass.
Recommendations Update to version 0.24 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45191
OPENSUSE-SU-2026:10780-1
SUSE-SU-2026:2113-1
USN-8453-1

Affected Products

Linuxmint
Net-Cidr-Lite
Ubuntu