CVE-2026-9537
Mojo::JWT versions before 1.02 for Perl verify HMAC signatures with a non-constant-time string comparison
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Mojo::JWT versions before 1.02 for Perl verify HMAC signatures with a non-constant-time string comparison. The decode() method compares the supplied signature to the recomputed HMAC with Perl's eq operator, which stops at the first differing byte, so the comparison time varies with the number of matching leading bytes. A caller that decodes attacker supplied tokens leaks the expected signature through this timing variation, which can be aggregated over many requests to recover the signature and forge a token.
| CWE | CWE-208 |
| Vendor | jberger |
| Product | mojo::jwt |
| Published | Jul 17, 2026 |
Stay Ahead of the Next One
Get instant alerts for jberger mojo::jwt
Be the first to know when new unknown vulnerabilities affecting jberger mojo::jwt are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
JBERGER / Mojo::JWT
0 < 1.02