{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/dbdfile--1.651/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.7,"id":"CVE-2026-15392"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["DBD::File \u003c 1.651"],"_cs_severities":["medium"],"_cs_tags":["vulnerability","symlink","perl"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-15392 identifies a critical flaw within the Perl module \u003ccode\u003eDBD::File\u003c/code\u003e, specifically in versions earlier than 1.651. This vulnerability stems from the module's inadequate handling of table files, failing to ensure that they are not symbolic links pointing to untrusted locations. Attackers could exploit this weakness to perform symlink following, potentially leading to information disclosure or local privilege escalation on systems where the vulnerable module is in use. While the Microsoft Security Response Center (MSRC) has published information regarding this CVE, specific details on observed exploitation or active campaigns are not provided. Defenders should prioritize updating systems utilizing \u003ccode\u003eDBD::File\u003c/code\u003e to prevent potential misuse of this vulnerability by local adversaries who might leverage it to access sensitive data or gain elevated privileges.\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-15392 could allow an attacker with local access to manipulate file paths, tricking the \u003ccode\u003eDBD::File\u003c/code\u003e module into interacting with arbitrary files via symlinks. This can result in unauthorized information disclosure, where the attacker reads sensitive data from files outside the intended scope of the application, or potentially lead to local privilege escalation if the module operates with higher permissions and the attacker can write to critical system locations. The immediate observed impact, victim count, or targeted sectors are not specified in the available intelligence.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2026-15392 by updating the \u003ccode\u003eDBD::File\u003c/code\u003e Perl module to version 1.651 or later immediately.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-17T07:10:26Z","date_published":"2026-07-17T07:10:26Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-15392-dbd-file-symlink/","summary":"CVE-2026-15392 is a medium-severity vulnerability affecting versions of the Perl module DBD::File prior to 1.651, where the module fails to prevent symlinks to untrusted locations, potentially allowing local attackers to achieve information disclosure or local privilege escalation through symlink following.","title":"CVE-2026-15392: DBD::File Module Symlink Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-15392-dbd-file-symlink/"}],"language":"en","title":"CraftedSignal Threat Feed - DBD::File \u003c 1.651","version":"https://jsonfeed.org/version/1.1"}