Critical severity9.1NVD Advisory· Published Jun 16, 2025· Updated Apr 15, 2026
CVE-2025-40916
CVE-2025-40916
Description
Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha.
That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 1.05
Patches
Vulnerability mechanics
References
4- metacpan.org/pod/perlfuncnvd
- metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.04/diff/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.05/lib/Mojolicious/Plugin/CaptchaPNG.pmnvd
- metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.06/changesnvd
- security.metacpan.org/docs/guides/random-data-for-security.htmlnvd
News mentions
0No linked articles in our index yet.