All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-11625
HIGHpublished 2026-06-26 09:16 UTC · 2 days ago · modified 2026-06-26 17:16 UTC
7.5
CVSS / 10
// description
Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess applications are predictable across processes.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
// weaknesses (CWE)
- CWE-335