CVE-2026-46474

by Fred · 15/05/2026

Trog::TOTP versions before 1.006 for Perl generate secrets using rand.

Secrets were generated using Perl’s built-in rand function, which is predictable and unsuitable for security usage.