CVE-2025-40926 | KAZEBURO Plack::Middleware::Session::Simple up to 0.04 on Perl Default Session ID Generator rand generation of predictable numbers or identifiers

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability was found in KAZEBURO Plack::Middleware::Session::Simple up to 0.04 on Perl and classified as problematic. This affects the function rand of the component Default Session ID Generator. Such manipulation leads to generation of predictable numbers or identifiers.

This vulnerability is traded as CVE-2025-40926. The attack may be launched remotely. There is no exploit available.

It is advisable to implement a patch to correct this issue.

CVE-2025-40926 | KAZEBURO Plack::Middleware::Session::Simple up to 0.04 on Perl Default Session ID Generator rand generation of predictable numbers or identifiers

Post correlati

CVE-2023-50205 | D-Link G416 awsfile command injection (ZDI-23-1821)

CVE-2025-68613 | n8n up to 1.120.3/1.121.0 dynamically-managed code resources (GHSA-v98v-ff95-f3cp)

CVE-2025-1590 | SourceCodester E-Learning System 1.0 List of Lessons Page index.php unrestricted upload

CVE-2024-12979 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php cn_update cname cross site scripting