CVE-2026-8700

CVE-2026-8700: Crypt::DSA versions before 1.20 for Perl generate seeds using rand

Vendor Timlegge
Product Crypt::DSA
Weakness CWE-331
Published May 15, 2026
Last update May 18, 2026

CVSS base score

What the vulnerability does

01Description

Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

Key dates

02Disclosure timeline

May 15, 2026 CVE published
May 18, 2026 Record updated