Review
JASEI
CVE published 2026-06-22
CVE-2026-11373
CVE-2026-11373 is a vulnerability in Net::Statsite::Client versions up to 1.1.0 for Perl. The issue allows for metric injections because newlines are not removed from metric names, and values are not sanitized for newlines or other protocol control characters like colons or pipes. This vulnerability impacts users of the Net::Statsite::Client module, particularly those using it to send metrics to a statsit [truncated]