CVE-2026-12205

June 15, 2026, 11:16 p.m.

None
No Score

Description

Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign() on a Key object picks a nonce, and every later sign() on that same object reuses it, producing an identical "r". Keys used to sign more than once with an affected version should be considered compromised.

Product(s) Impacted

Vendor Product Versions
Crypt
  • Crypt-dsa
  • <1.21

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-323
Reusing a Nonce, Key Pair in Encryption
Nonces should be used for the present occasion and only once.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a crypt crypt-dsa <1.21 / / / / / / /

References

https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/source/lib/Crypt/DSA.pm#L47
https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.21/changes
http://www.openwall.com/lists/oss-security/2026/06/15/4

Tags

CWE-323
9b29abf9-4ab0-4765-b253-1875cd9b441e
2026-06-15
CVE-2026-12205

Timeline

Published: June 15, 2026, 11:16 p.m.
Last Modified: June 15, 2026, 11:16 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

9b29abf9-4ab0-4765-b253-1875cd9b441e

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.