CVE-2025-15638— Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt

EPSS 0.02% · P5 Updated Apr 22, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-15638

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt

Source: NVD (National Vulnerability Database)

Vulnerability Description

Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14 includes versions of Dropbear 2019.78 or earlier. These include versions of libtomcrypt v1.18.1 or earlier, which is affected by CVE-2016-6129 and CVE-2018-12437.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

CWE-1395

Source: NVD (National Vulnerability Database)

Vulnerability Title

Net::Dropbear 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Net::Dropbear是ATRODO个人开发者的一个基于Dropbear的SSH客户端接口模块。 Net::Dropbear 0.14之前版本存在安全漏洞，该漏洞源于包含易受攻击的libtomcrypt版本，可能受CVE-2016-6129和CVE-2018-12437影响。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
ATRODO	Net::Dropbear	0 ~ 0.14	-

II. Public POCs for CVE-2025-15638

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-15638

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2025-15638

IV. Related Vulnerabilities

Same product: Net::Dropbear

CVE-2025-40913
Net::Dropbear versions through 0.16 for Perl contains a depe

Same vendor: ATRODO

CVE-2025-40913
Net::Dropbear versions through 0.16 for Perl contains a depe

Same weakness: CWE-1395

V. Comments for CVE-2025-15638

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-15638— Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt

I. Basic Information for CVE-2025-15638

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-15638

III. Intelligence Information for CVE-2025-15638

IV. Related Vulnerabilities

V. Comments for CVE-2025-15638

Leave a comment