CVE-2026-14739
Last modified
CVE-2026-14739 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1.650 sets a hard limit of 99,999 placeholders.. EPSS estimates a 0.40% chance of exploitation in the next 30 days.
Description
DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1.650 sets a hard limit of 99,999 placeholders.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Perl | Dbi | < 1.650 |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-14739?
How severe is CVE-2026-14739?
How do I fix CVE-2026-14739?
Related CVEs from 2026
- CVE-2026-14733A vulnerability was detected in SourceCodester Class and Exa…7.3
- CVE-2026-14734A flaw has been found in SourceCodester Class and Exam Timet…7.3
- CVE-2026-14735A vulnerability has been found in code-projects Smart Parkin…7.3
- CVE-2026-14736A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.…7.3
- CVE-2026-14737A vulnerability was identified in Hanwang e-Face General Man…7.3
- CVE-2026-14738A security flaw has been discovered in exo-explore exo up to…3.7
- CVE-2026-1474An out-of-band SQL injection vulnerability (OOB SQLi) has be…7.5
- CVE-2026-14740DBI versions before 1.650 for Perl read one byte out-of-boun…9.1
- CVE-2026-14742A vulnerability was determined in langchain-ai langgraph up …3.1
- CVE-2026-14743A vulnerability was identified in code-projects Real State S…7.3
- CVE-2026-14744A security flaw has been discovered in code-projects Real St…7.3
- CVE-2026-14745A weakness has been identified in code-projects Real State S…7.3
Are you affected by CVE-2026-14739?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
