CVE-2026-5091

216.73.217.22

· Published 21/05/2026 22:16 · Modified 22/05/2026 02:16

Labels: CVE-2026-5091 2026-05-21 9b29abf9-4ab0-4765-b253-1875cd9b441e CVE-2026-5091 CWE-208

Essential information

Published: 21/05/2026 22:16
Modified: 22/05/2026 02:16
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
NVD: View on NVD

Affected products (CPE)

Product	CPE
catalyst / plugin authentication	`cpe:2.3:a:catalyst:plugin_authentication:<0.10024:::::::*`

CVE-2026-5091

Essential information

Description

NVD status

Affected products (CPE)

References