CVE-2026-47372

Published: Mag 21, 2026 Last Modified: Mag 21, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts.

These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control
Potential Impacts:
Bypass Protection Mechanism
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: Medium
View CWE Details
https://github.com/robrwo/perl-Crypt-SaltedHash/commit/9b68…
https://github.com/robrwo/perl-Crypt-SaltedHash/commit/9b68437d2cd420b819b3a795…
https://metacpan.org/release/RRWO/Crypt-SaltedHash-0.10/cha…
https://metacpan.org/release/RRWO/Crypt-SaltedHash-0.10/changes