CVE-2026-5091
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
21/05/2026
Last modified:
22/05/2026
Description
Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks.<br />
<br />
These versions use Perl&#39;s built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password.



