CVE Catalog

CVE-2026-12205

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

7th percentile — higher than 7% of all known CVEs

Summary

Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. The first sign() on a Key object picks a nonce, and every later sign() on that same object reuses it, producing an identical 'r'.

Risk Assessment

Keys used to sign more than once with an affected version should be considered compromised, posing a serious risk to data security and signature integrity.

Recommendation

It is recommended to upgrade to Crypt::DSA version 1.21 or later and to replace all keys that were used for signing with the affected version.

Original NVD description (English source)

Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign() on a Key object picks a nonce, and every later sign() on that same object reuses it, producing an identical "r". Keys used to sign more than once with an affected version should be considered compromised.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS