Vulnerability Details CVE-2026-5086
Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks.
For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 31.2%
CVSS Severity
CVSS v3 Score 7.5
References