Review
RRWO
CVE published 2026-05-20
CVE-2026-47373
CVE-2026-47373 is a timing-attack issue in the Perl Crypt::SaltedHash module affecting versions through 0.09. The problem comes from using Perl's built-in eq comparison, which can expose timing discrepancies that may help an attacker infer information about the underlying hash. The supplied references point to a fix in Crypt::SaltedHash 0.10 and an associated security disclosure on the same day the CVE was published.