CVE-2026-3257

Summary

UnQLite versions through 0.06 for Perl uses a potentially insecure version of the UnQLite library.

UnQLite for Perl embeds the UnQLite library. Version 0.06 and earlier of the Perl module uses a version of the library from 2014 that may be vulnerable to a heap-based overflow.

Affected Software

VendorProductVersion RangeStatus
TOKUHIROMUnQLite0 <= 0.06affected

Weaknesses

  • CWE-1395: CWE-1395 Dependency on Vulnerable Third-Party Component

Workarounds

Upgrade to UnQLite for Perl version 0.07 or later.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References