Description

Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minify_utf8 function is an alias for minnify.

INFO

Published Date :

2026-04-27T12:29:53.967Z

Last Modified :

2026-04-27T14:20:30.162Z

Source :

CPANSec
AFFECTED PRODUCTS

The following products are affected by CVE-2026-7040 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-7040.

URL Resource
https://github.com/robrwo/Text-Minify-XS/security/advisories/GHSA-jqhf-vv4h-77h2 cve-icon cve-icon
https://metacpan.org/release/RRWO/Text-Minify-XS-v0.7.8/changes cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System