CVE-2026-5083

Name of the Vulnerable Software and Affected Versions Ado::Sessions versions through 0.935

Description The Ado::Sessions Perl module generates insecure session IDs. The session ID is created using a SHA-1 hash seeded with the built-in rand function, the epoch time, and the process ID (PID). The PID comes from a limited range of numbers, and the epoch time may be predictable. The rand function is not suitable for cryptographic purposes. Predictable session IDs could allow an attacker to gain unauthorized access to systems.

Recommendations Update to a newer version that contains a fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.