What is CVE-2026-11702?

CVE-2026-11702 is a high-severity vulnerability in Davido Bytes::random::secure::tiny, classified under Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG). CVSS score: 7.5/10. Published 2026-06-26.

How severe is CVE-2026-11702?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Davido Bytes::random::secure::tiny

CVE-2026-11702

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random s…

EPSS: 0.002 (5.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Davido Bytes::random::secure::tiny — versions 0

Weakness classification (CWE)

CWE-335 — Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

References

9b29abf9-4ab0-4765-b253-1875cd9b441e (issue-tracking)
9b29abf9-4ab0-4765-b253-1875cd9b441e (issue-tracking)
9b29abf9-4ab0-4765-b253-1875cd9b441e (patch)
9b29abf9-4ab0-4765-b253-1875cd9b441e (related)

Frequently asked questions

What is CVE-2026-11702?: CVE-2026-11702 is a high-severity vulnerability in Davido Bytes::random::secure::tiny, classified under Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG). CVSS score: 7.5/10. Published 2026-06-26.
How severe is CVE-2026-11702?: High severity. CVSS v3 base score is 7.5 out of 10.