Date Index - February 2026 - CPANSec CVE announcements

13 Feb 2026 00:00 UTC CVE-2025-40905: WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions Timothy Legge
16 Feb 2026 21:01 UTC CVE-2026-2474: Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypt_urandom_getrandom() Stig Palmquist
16 Feb 2026 21:20 UTC CVE-2025-15578: Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely Timothy Legge
16 Feb 2026 21:27 UTC CVE-2026-2439: Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids Timothy Legge
22 Feb 2026 23:37 UTC CVE-2026-2588: Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems Timothy Legge
23 Feb 2026 23:58 UTC CVE-2024-58041: Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions Timothy Legge
27 Feb 2026 00:03 UTC CVE-2025-40932: Apache::SessionX versions through 2.01 for Perl create insecure session id Timothy Legge
27 Feb 2026 00:04 UTC CVE-2026-2597: Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes() Timothy Legge
27 Feb 2026 00:19 UTC CVE-2021-4456: Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact Timothy Legge