Skip to main content

Trog

1 CVEs product

Monthly

CVE-2026-46474 HIGH PATCH This Week

Insufficient entropy in Trog::TOTP for Perl (versions before 1.006) allows remote attackers to predict TOTP secrets generated using Perl's built-in rand() function, undermining the security of two-factor authentication tokens issued by applications relying on this module. The flaw was reported by CPANSec and a fixed release (1.006) is available on CPAN. No public exploit identified at time of analysis, and the EPSS score is very low (0.02%).

Information Disclosure Trog
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Insufficient entropy in Trog::TOTP for Perl (versions before 1.006) allows remote attackers to predict TOTP secrets generated using Perl's built-in rand() function, undermining the security of two-factor authentication tokens issued by applications relying on this module. The flaw was reported by CPANSec and a fixed release (1.006) is available on CPAN. No public exploit identified at time of analysis, and the EPSS score is very low (0.02%).

Information Disclosure Trog
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy