Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Predictable secrets can be exploited remotely (AV:N) but only when the app uses the pre-fork/functional pattern and the attacker correlates streams, raising complexity (AC:H); high confidentiality impact, no integrity/availability effect.
Primary rating from Vendor (CPANSec).
CVSS VectorVendor: CPANSec
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes.
When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced.
Secrets generated in multiprocess applications are predictable across processes.
AnalysisAI
Predictable secret generation in the Perl module Bytes::Random::Secure (versions through 0.29) occurs because the module fails to detect process forks, causing parent and child processes to share identical PRNG internal state. Applications that instantiate a generator object before fork()ing - or that use the module's functional (procedural) interface - will emit identical random streams across processes, making session tokens, keys, salts, and other secrets predictable across workers. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the victim application uses Bytes::Random::Secure in one of two specific patterns: an OO generator object instantiated BEFORE the process calls fork(), or the module's functional/procedural interface used across forked processes - in either case the seeded PRNG state is copied into children and never re-seeded. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are mixed and worth reconciling. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A preforking Perl web application initializes a Bytes::Random::Secure generator at startup, then forks multiple worker processes that each issue session tokens or password-reset values from the shared, identical PRNG state. An attacker who obtains a token from one worker can predict the tokens emitted by sibling workers, hijacking other users' sessions or forging reset links. … |
| Remediation | Apply the upstream fix that adds fork/PID detection so the RNG is re-seeded in each child process; the patch is published at https://security.metacpan.org/patches/B/Bytes-Random-Secure/0.29/CVE-2026-11625-r1.patch and corresponds to pull request https://github.com/daoswald/Bytes-Random-Secure/pull/4 - upgrade to the patched release once it is published to CPAN (a fix is available per vendor advisory, though a specific tagged release version is not stated in the provided data, so verify the fixed version on MetaCPAN before pinning). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all systems using Bytes::Random::Secure and determine whether affected applications fork processes after instantiating the generator. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Integer overflow in the Bytes library versions 1.2.1 through 1.11.0 allows attackers to corrupt the BytesMut capacity va
Predictable secret generation in the Perl module Bytes::Random::Secure::Tiny (versions through 1.011) occurs because a P
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: ImportantShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39640
GHSA-r57w-h3mc-4jrv