{"vulnerability": "CVE-2025-40910", "sightings": [{"uuid": "afe5b91e-770d-48ab-a03f-f678c0d03f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40910", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsluz2yedg2i", "content": "", "creation_timestamp": "2025-06-27T14:46:26.268463Z"}, {"uuid": "94814d37-e504-4b03-a678-627c78083b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40910", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19785", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40910\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.\n\nLeading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.\n\ud83d\udccf Published: 2025-06-27T12:19:59.195Z\n\ud83d\udccf Modified: 2025-06-27T20:06:41.450Z\n\ud83d\udd17 References:\n1. https://metacpan.org/release/TPODER/Net-IP-LPM-1.10/diff/TPODER/Net-IP-LPM-1.09/lib/Net/IP/LPM.pm\n2. https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/\n3. https://security.metacpan.org/patches/N/Net-IP-LPM/1.10/CVE-2025-40910-r1.patch", "creation_timestamp": "2025-06-27T20:52:31.000000Z"}]}