High severity7.5NVD Advisory· Published Apr 13, 2026· Updated May 6, 2026
CVE-2026-5086
CVE-2026-5086
Description
Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks.
For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <0.019
Patches
Vulnerability mechanics
References
2- www.openwall.com/lists/oss-security/2026/04/13/12nvdThird Party AdvisoryMailing List
- metacpan.org/release/NERDVANA/Crypt-SecretBuffer-0.019/source/ChangesnvdProductRelease Notes
News mentions
0No linked articles in our index yet.