Vulnerability in Erlang Otp
CVE-2026-54887
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls_server_connecti…
Affected products
- Erlang Otp — versions 8.2, 20.0, e594aad2f87aab39e99fccf9e021bc94e0bbf7d4
Weakness classification (CWE)
References
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, vendor-advisory)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (x_version-scheme)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)