What is the CPANSec CNA?
CPANSec is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 49 CVE records since 2025.
How many CVEs has CPANSec published?
CPANSec has published 49 CVE records, including 49 in the last two years.
What is CPANSec's CVE data quality grade?
RadicalNotion.AI grades CPANSec's CVE data quality as C, with an overall completeness score of 75%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (0%), and CWE (100%) information.
What products does CPANSec publish CVEs for?
CPANSec most frequently publishes CVEs for crypt\, net\, apache\, perl, \.
Which vendors does CPANSec cover?
CPANSec publishes CVEs across 38 distinct vendors, most often RRWO, TIMLEGGE, TODDR, MIYAGAWA, cpan-authors.
Is CPANSec actively publishing CVEs?
CPANSec is currently active, based on 49 CVEs in the last two years.
How many critical CVEs has CPANSec published?
CPANSec has published 41 critical-severity CVEs and 51 high-severity CVEs.
Are any of CPANSec's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of CPANSec's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in CPANSec's CVEs?
CPANSec's CVEs most often map to these CWE weakness types: CWE-338 (Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)), CWE-1395 (Dependency on Vulnerable Third-Party Component), CWE-340 (Generation of Predictable Numbers or Identifiers), CWE-122 (Heap-based Buffer Overflow).
How does CPANSec rank among CNAs?
By total CVE volume, CPANSec ranks #167 of 370 CNAs, and it reports more complete CVE records than 23% of all CNAs.
