CVE-2026-46473
Severity CVSS v4.0:
Pending analysis
Type:
CWE-331
Insufficient Entropy
Publication date:
21/05/2026
Last modified:
21/05/2026
Description
Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand.<br />
<br />
Secrets were generated using Perl&#39;s built-in rand function, which is predictable and unsuitable for security usage.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH



