A vulnerability was found in BPS HTML::Gumbo up to 0.18 on Perl. It has been declared as critical. This affects the function
strlen in the library lib/HTML/Gumbo.xs. The manipulation results in type confusion.
This vulnerability is known as CVE-2025-15646. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.