CVE-2026-6659

CVE-2026-6659: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts

Vendor Rsavage
Product Crypt::PasswdMD5
Weakness CWE-338
Published May 8, 2026
Last update May 26, 2026

CVSS base score

What the vulnerability does

01Description

Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography.

Key dates

02Disclosure timeline

May 8, 2026 CVE published
May 26, 2026 Record updated

Related vulnerabilities

04Related CVE