PatchSiren cyber security CVE debrief
CVE-2026-12205 TIMLEGGE CVE debrief
A vulnerability was discovered in Crypt::DSA versions before 1.21 for Perl, where the nonce was reused across signatures, allowing for private-key recovery. This is due to the caching of per-signature nonce material in the Key object without clearing it. As a result, keys used to sign more than once with an affected version should be considered compromised.
- Vendor: TIMLEGGE
- Product: Crypt::DSA
- CVSS: CRITICAL 9.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-15
- Original CVE updated: 2026-06-16
- Advisory published: 2026-06-15
- Advisory updated: 2026-06-16
Who should care
Developers and users of Crypt::DSA versions before 1.21 for Perl should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The Crypt::DSA::sign function caches the per-signature nonce material in the Key object without clearing it. This causes the first sign() on a Key object to pick a nonce, and every later sign() on that same object to reuse it, producing an identical 'r' value.
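The behaviour described above, modelled as an added example (not Crypt::DSA's code and not taken from the advisory): a toy DSA signer whose key object caches nonce material, plus a check that flags keys whose logged signatures repeat r. The `Key` class, `sign`, its `clear_nonce` switch, `keys_with_repeated_r`, the parameters and the messages are all constructed for illustration.

```python
import hashlib
import secrets
from collections import defaultdict

# Constructed toy DSA parameters (not secure): P = 2^2281 - 1 and Q = 2^19 - 1 are
# Mersenne primes, and Q divides P - 1 because 19 divides 2280.
P, Q = 2**2281 - 1, 2**19 - 1
# Generator of the order-Q subgroup: first h whose cofactor power is not 1.
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, 100)) if g != 1)

class Key:
    """Hypothetical stand-in for a DSA key object that can cache nonce material."""
    def __init__(self):
        self.x = secrets.randbelow(Q - 1) + 1  # private key
        self.cached_k = None                   # per-signature nonce material

def sign(key, message, clear_nonce=True):
    """Toy DSA signature (r, s). clear_nonce=False models the behaviour described above."""
    if key.cached_k is None:
        key.cached_k = secrets.randbelow(Q - 1) + 1
    k = key.cached_k
    r = pow(G, k, P) % Q  # r depends only on the nonce, never on the message
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    s = pow(k, -1, Q) * (h + key.x * r) % Q  # full DSA retries if r or s is 0
    if clear_nonce:
        key.cached_k = None  # the clearing step the summary describes as missing
    return r, s

def keys_with_repeated_r(signature_log):
    """Map key_id -> r values seen on two or more different signatures."""
    seen = defaultdict(lambda: defaultdict(set))
    for key_id, r, s in signature_log:
        seen[key_id][r].add(s)  # identical (r, s) pairs are just duplicate log rows
    flagged = {}
    for key_id, by_r in seen.items():
        repeated = sorted(r for r, s_values in by_r.items() if len(s_values) > 1)
        if repeated:
            flagged[key_id] = repeated
    return flagged

def demo():
    """Sign three constructed messages with an affected-style and a patched-style key."""
    messages = [b"constructed message %d" % i for i in range(3)]
    old, new = Key(), Key()
    log = [("affected", *sign(old, m, clear_nonce=False)) for m in messages]
    log += [("patched", *sign(new, m)) for m in messages]
    return log, keys_with_repeated_r(log)
```

Running `keys_with_repeated_r` over stored signatures, grouped by signing key, gives a list of keys that match the pattern in the summary and are candidates for the key replacement this page recommends.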
Defensive priority
high
Recommended defensive actions
- Upgrade to Crypt::DSA version 1.21 or later.
- Consider replacing affected keys with new ones.
Evidence notes
The vulnerability was reported on the oss-security mailing list [ref-6]. The issue is documented in the Crypt::DSA source code [ref-4] and changelog [ref-5].
Official resources
- CVE-2026-12205 CVE record (CVE.org)
- CVE-2026-12205 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference (9b29abf9-4ab0-4765-b253-1875cd9b441e)
- Source reference (9b29abf9-4ab0-4765-b253-1875cd9b441e)
- Source reference (af854a3a-2127-422b-91ae-364da2661108)
CVE-2026-12205 was published on 2026-06-15T23:16:43.150Z.