Description
Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts.

These versions use the built-in rand function, which is predictable and unsuitable for cryptography.
Published: 2026-06-12
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Crypt::PBKDF2 implementations prior to version 0.261630 generate salts using Perl's built‑in rand function. Because rand is not cryptographically secure, the salts are predictable. This weakness undermines PBKDF2's intended resistance to pre‑computed attacks, allowing an attacker who can observe or guess a salt to greatly reduce the computational effort needed for a brute‑force or dictionary attack.

Affected Systems

The vulnerability affects the Crypt::PBKDF2 module distributed by ARODLAND, specifically any installation of version 0.261629 or earlier. The module is used in Perl applications that perform password hashing or key derivation with PBKDF2.

Risk and Exploitability

The CVSS score of 7.5 indicates substantial severity, and the EPSS score is not available. The flaw is not listed in KEV, but the use of a predictable random source is a severe weakness. The likely attack vector is any code that imports Crypt::PBKDF2; if an application stores hashed passwords in a database, compromised salts could enable faster cracking. This vulnerability is local to the environment running the module, but once the attacker obtains password hashes, the impact is widespread.

Generated by OpenCVE AI on June 12, 2026 at 19:36 UTC.

Remediation

Vendor Solution

Upgrade to version 0.261630 or later.

OpenCVE Recommended Actions

  • Upgrade Crypt::PBKDF2 to version 0.261630 or newer.
  • Update all Perl applications that rely on Crypt::PBKDF2 to use the patched version and recompile them.
  • Rehash existing password hashes by re‑processing them through the upgraded module to generate secure salts.
  • Verify that no legacy versions of Crypt::PBKDF2 remain in the environment.

Generated by OpenCVE AI on June 12, 2026 at 19:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Arodland
Arodland crypt::pbkdf2
Vendors & Products Arodland
Arodland crypt::pbkdf2

Fri, 12 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 12 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.
Title Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts
Weaknesses CWE-338
References

Subscriptions

Arodland Crypt::pbkdf2
cve-icon MITRE

Status: PUBLISHED

Assigner: CPANSec

Published:

Updated: 2026-06-12T17:50:43.544Z

Reserved: 2026-05-26T18:28:03.845Z

Link: CVE-2026-9638

cve-icon Vulnrichment

Updated: 2026-06-12T17:50:43.544Z

cve-icon NVD

Status : Deferred

Published: 2026-06-12T16:16:34.937

Modified: 2026-06-12T18:16:36.030

Link: CVE-2026-9638

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-12T20:20:08Z

Weaknesses
  • CWE-338

    Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)