CVE-2026-46474

216.73.217.22

· Published 15/05/2026 18:16 · Modified 15/05/2026 22:16

Labels: CVE-2026-46474 2026-05-15 9b29abf9-4ab0-4765-b253-1875cd9b441e CVE-2026-46474 CWE-331

Essential information

Published: 15/05/2026 18:16
Modified: 15/05/2026 22:16
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
NVD: View on NVD

Affected products (CPE)

Product	CPE
trogg / totp	`cpe:2.3:a:trogg:totp:<1.006:::::::*`
perl / perl	`cpe:2.3:a:perl:perl::::::::`

CVE-2026-46474

Essential information

Description

NVD status

Affected products (CPE)

References