CVE-2026-11832
ANALYSIS PENDINGDancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce
Title source: cnaDescription
Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable.
References (4)
Core 4
Core References
Release Notes release-notes
https://metacpan.org/release/BIAFRA/Dancer2-Plugin-Auth-OAuth-0.22/changes
Related related
https://www.cve.org/CVERecord?id=CVE-2025-22376
Details
CWE
CWE-338
Status
published
Products (1)
BIAFRA/Dancer2::Plugin::Auth::OAuth
< 0.22
Published
Jun 15, 2026
Tracked Since
Jun 16, 2026