QwikSec

Security Database

CVE

CWE

Training

CVE-2026-45191

Published: May 10, 2026

Modified: May 11, 2026

PUBLISHED

Description

Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190.

Vendor	Product	Versions
STIGTSP	Net::CIDR::Lite	affected `0 - < 0.24`

Weaknesses (CWE)

References

https://github.com/stigtsp/Net-CIDR-Lite/commit/24e2c439ec405e5256024b9acefd4f7008c5ed0c.patch

patch

https://metacpan.org/release/STIGTSP/Net-CIDR-Lite-0.24/changes

release-notes

https://www.cve.org/CVERecord?id=CVE-2026-45190

related

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.