Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.1
Perl Crypt::NaCl::Sodium may cause data corruption on 32-bit systems
CVE-2026-2588
Summary
Old versions of the Crypt::NaCl::Sodium module for Perl may corrupt data on 32-bit systems. This is a serious issue because it could lead to unpredictable behavior or crashes in your program. Update to the latest version of the module to fix the problem.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| timlegge | crypt\ | \ | – |
Original title
Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems.
Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodi...
Original description
Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems.
Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems size_t is typically 32-bits while an unsigned long long is at least 64-bits.
Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems size_t is typically 32-bits while an unsigned long long is at least 64-bits.
nvd CVSS3.1
9.1
Vulnerability type
CWE-190
Integer Overflow
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026