Kazeburo Plack::middleware::session::simple — known CVE vulnerabilities
Every CVE whose affected-product data names Kazeburo Plack::middleware::session::simple, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2025-40926 — CVSS 9.8 (critical): Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns…