CVE-2026-56016
CGI::Session::ID::md5 (Perl) before 4.49 generates session IDs from a MD5 digest of the process ID, epoch time, and Perl’s rand(), all low-entropy/predictable sources. An attacker who predicts a session ID can impersonate the session and bypass authentication. Remediation: upgrade to CGI::Session...