CVE-2026-2439
Concierge::Sessions (Perl) before 0.8.5 uses generate_session_id that defaults to uuidgen or Perl rand when uuidgen fails. Both methods are insecure and produce predictable session IDs, enabling guessing to gain access per CVE-2026-2439. Affected versions are 0.8.1–0.8.4; no warnings when uuidgen...