Tokuhirom Amon2::plugin::web::csrfdefender — known CVE vulnerabilities
Every CVE whose affected-product data names Tokuhirom Amon2::plugin::web::csrfdefender, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2026-5082 — CVSS 5.3 (medium): Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id. The generate_session_id function…