CVE-2026-41565

Source
https://cve.org/CVERecord?id=CVE-2026-41565
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-41565.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-41565
Downstream
Related
Published
2026-05-28T14:13:19.301Z
Modified
2026-07-08T08:05:12.136713314Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers
Details

CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers.

The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer (MAXBLOCKSIZE) without checking the supplied length. A longer tag overwrites the stack past the buffer. Version 0.088 added the clamp to gcmdecryptverify, and 0.088_001 added it to the other three.

Any caller of an affected helper that forwards an attacker-controlled tag longer than the buffer can trigger the overflow.

Database specific
{
    "cna_assigner": "CPANSec",
    "cwe_ids": [
        "CWE-121"
    ],
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "fixed": "0.088_001"
                }
            ],
            "source": "AFFECTED_FIELD"
        },
        {
            "extracted_events": [
                {
                    "fixed": "0.088_001"
                }
            ],
            "source": "DESCRIPTION"
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41565.json"
}
References

Affected packages

Git / github.com/dcit/perl-cryptx

Affected ranges

Type
GIT
Repo
https://github.com/dcit/perl-cryptx
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "source": "REFERENCES"
}

Affected versions

v0.*
v0.022
v0.023
v0.024
v0.025
v0.026
v0.029
v0.030
v0.031
v0.032
v0.033
v0.034
v0.035
v0.036
v0.037
v0.038
v0.039
v0.040
v0.041
v0.042
v0.043
v0.044
v0.045
v0.046
v0.047
v0.048
v0.049
v0.050
v0.051
v0.052
v0.053
v0.054
v0.055
v0.056
v0.057
v0.058
v0.059
v0.060
v0.061
v0.062
v0.063
v0.064
v0.065
v0.066
v0.067
v0.068
v0.069
v0.070
v0.071
v0.072
v0.073
v0.074
v0.075
v0.076
v0.077
v0.078
v0.079
v0.080
v0.081
v0.082
v0.083
v0.084
v0.085
v0.086
v0.087
v0.088

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-41565.json"