These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-50639 is a vulnerability in Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl. The vulnerability occurs because the statsd protocol (and extensions such as dogstatsd) allow multiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx, which extends Metrics::Any::Adapter::Statsd, has a similar vulnerability. Additionally, the _labels function does not [truncated]
CVE-2026-50638 is a critical vulnerability in Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl. The vulnerability allows for metric injections due to the lack of protection against multiple metrics separated by newlines in a single packet. The statsd protocol and its extensions, such as dogstatsd, permit this behavior. Additionally, the _tags function does not check for newlines or statsd co [truncated]
CVE-2026-50637 is a HIGH severity vulnerability in Metrics::Any::Adapter::Statsd versions before 0.04 for Perl. The vulnerability allows metric injections due to lack of input validation in the send method, enabling attackers to inject malicious metrics. The statsd protocol and its extensions permit multiple metrics, separated by newlines, to be sent per packet. If metric names contain newlines and statsd [truncated]