Cryptographic Seed Vulnerability in Crypt::DSA by TIMLEGGE
CVE-2026-8700

Currently unrated

Key Information:

Vendor: Timlegge
Status: Crypt::dsa
Vendor: CVE Published:; 15 May 2026

What is CVE-2026-8700?

The Crypt::DSA library for Perl, versions prior to 1.20, contains a significant security flaw in the way it generates cryptographic seeds. Utilizing Perl's built-in 'rand' function, the library produces predictable seeds, which undermines the cryptographic strength and can be exploited by malicious actors. This vulnerability compromises the integrity of cryptographic operations, making it imperative for users to upgrade to version 1.20 or later to mitigate risks associated with weak seed generation.

Affected Version(s)

Crypt::DSA 0 < 1.20

References

https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/changes

release-notes

https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/diff...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
May 15, 2026

CVE-2026-8700 Data

JSON

Timlegge

What is CVE-2026-8700?

Affected Version(s)

References

Timeline