Share
## https://sploitus.com/exploit?id=89AB48FD-87E9-5792-95CE-0C8F11CF7AA6
# CVE-2026-8376-Perl-Heap-Buffer-Overflow-PoC-Exploit

Perl versions through 5.43.10 contain an integer overflow in Perl_study_chunk (regcomp_study.c). When compiling a regex with a quantified fixed substring, the code checks the buffer size in characters rather than bytes. On 32-bit builds, mincount ร— byte_length can overflow SSize_t (max ~2.1 GB), causing an undersized SvGROW allocation and a subsequent heap buffer overflow during the copy.