CVE-2026-7040

· NIST NVD ↗

Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minify_utf8 function is an alias for minify.

HIGH
CVSS severity
7.5
CVSS base score
2026-04-27
Published

CWE codes

CWE-122CWE-176

Affected products

rrwo:text\

Sources