๐Ÿ” CVE Alert

CVE-2026-47372

CRITICAL 9.1

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

CVSS Score
9.1
EPSS Score
0.0%
EPSS Percentile
0th

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

CWE CWE-338
Vendor rrwo
Product crypt::saltedhash
Published May 20, 2026
Last Updated May 21, 2026
Stay Ahead of the Next One

Get instant alerts for rrwo crypt::saltedhash

Be the first to know when new critical vulnerabilities affecting rrwo crypt::saltedhash are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

RRWO / Crypt::SaltedHash
0 โ‰ค 0.09

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
metacpan.org: https://metacpan.org/release/RRWO/Crypt-SaltedHash-0.10/changes github.com: https://github.com/robrwo/perl-Crypt-SaltedHash/commit/9b68437d2cd420b819b3a795474c3870338d38d5.patch openwall.com: http://www.openwall.com/lists/oss-security/2026/05/20/22