CVE-2026-3256

CVE-2026-3256 affects HTTP::Session for Perl up to version 0.53. The vulnerability arises from the session ID generation using HTTP::Session::ID::SHA1 (SHA-1) seeded with the built-in rand, high-resolution epoch time, and PID, with the PID drawn from a small set and epoch time potentially guessab...