CVE-2026-6659

Published: May 8, 2026

Modified: May 26, 2026

PUBLISHED

Description

Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography.

Vendor	Product	Versions
RSAVAGE	Crypt::PasswdMD5	affected `0 - <= 1.42`

Weaknesses (CWE)

CWE-338

References

https://metacpan.org/release/RSAVAGE/Crypt-PasswdMD5-1.43/changes

release-notes

https://github.com/ronsavage/Crypt-PasswdMD5/pull/3

issue-tracking

https://github.com/ronsavage/Crypt-PasswdMD5/commit/a2f821637db0296082297aa4b02254ab08f0dc5e.patch

patch

https://metacpan.org/release/RSAVAGE/Crypt-PasswdMD5-1.42/source/lib/Crypt/PasswdMD5.pm#L35-47

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-6659

Description

Affected Products

Weaknesses (CWE)

References