CVE-2025-15638

CRITICAL 10.0

Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt

CVSS Score

10.0

EPSS Score

0.0%

EPSS Percentile

0th

Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14 includes versions of Dropbear 2019.78 or earlier. These include versions of libtomcrypt v1.18.1 or earlier, which is affected by CVE-2016-6129 and CVE-2018-12437.

CWE	CWE-1395
Vendor	atrodo
Product	net::dropbear
Published	Apr 21, 2026
Last Updated	Apr 21, 2026

Stay Ahead of the Next One

Get instant alerts for atrodo net::dropbear

Be the first to know when new critical vulnerabilities affecting atrodo net::dropbear are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

ATRODO / Net::Dropbear

0 < 0.14

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cve.org: https://www.cve.org/CVERecord?id=CVE-2016-6129 cve.org: https://www.cve.org/CVERecord?id=CVE-2018-12437 metacpan.org: https://metacpan.org/release/ATRODO/Net-Dropbear-0.14/source/dropbear/libtomcrypt/changes