Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

CVE-2026-57076: CWE-416 Use After Free in TODDR YAML::Syck

0
High
VulnerabilityCVE-2026-57076cvecve-2026-57076cwe-416
Published: 07/16/2026 (07/16/2026, 21:40:59 UTC)
Source: CVE Database V5
Vendor/Project: TODDR
Product: YAML::Syck

Description

YAML::Syck versions before 1.47 for Perl contain a use-after-free vulnerability triggered by reusing an anchor name in the YAML anchors table. This occurs during the default Load or LoadFile operations on untrusted YAML documents that redefine anchors, leading to reading freed heap memory.

Affected software

GitHub Actionsmore threats →cve
YAML-Syck
pkg:github/YAML-Syck
Affected versions
<1.47

Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/17/2026, 04:02:43 UTC

Technical Analysis

CVE-2026-57076 is a heap use-after-free vulnerability in YAML::Syck versions prior to 1.47 for Perl. The issue arises because an anchor name allocated by syck_strndup is stored both as node->anchor and as a key in the parser's anchors table. When the node is freed, the shared key is also freed, but a subsequent anchor redefinition causes the anchors table to compare against this freed key, resulting in a read of freed heap memory. This vulnerability is reachable on the default Load path without special flags, affecting any caller that processes untrusted YAML documents with anchor redefinitions.

Potential Impact

The vulnerability allows reading of freed heap memory during YAML parsing, which can lead to undefined behavior including potential crashes or memory corruption. Since anchors are a standard YAML feature and no special flags are needed to trigger this, any application using vulnerable YAML::Syck versions to load untrusted documents is at risk of memory safety issues.

Mitigation Recommendations

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, avoid loading untrusted YAML documents that redefine anchors using vulnerable versions of YAML::Syck. Monitor vendor channels for updates or patches addressing this issue.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Data Version
5.2
Assigner Short Name
CPANSec
Date Reserved
2026-06-23T18:02:32.995Z
Cvss Version
null
State
PUBLISHED
Remediation Level
null

Threat ID: 6a59a5f668715ace43451fcd

Added to database: 07/17/2026, 03:48:06 UTC

Last enriched: 07/17/2026, 04:02:43 UTC

Last updated: 07/17/2026, 04:02:43 UTC

Views: 4

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses