CVE-2026-46473

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand.

Secrets were generated using Perl’s built-in rand function, which is predictable and unsuitable for security usage.

More information : https://github.com/tchatzi/Authen-TOTP/commit/d04f30cc6538d77fc6b6d550da450cf3017b8561.patch