CVE-2026-46473

Severity CVSS v4.0:
Pending analysis
Type:
CWE-331 Insufficient Entropy
Publication date:
21/05/2026
Last modified:
21/05/2026

Description

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand.<br /> <br /> Secrets were generated using Perl&amp;#39;s built-in rand function, which is predictable and unsuitable for security usage.