Vulnerability in Erlang Otp

CVE-2026-54887

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls_server_connecti…

Affected products

  • Erlang Otp — versions 8.2, 20.0, e594aad2f87aab39e99fccf9e021bc94e0bbf7d4

Weakness classification (CWE)

References