CVE-2026-56016
highCVSS v3 Base Score
7.4
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.2%
Exploitation probability in 30 days
Top 92% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Confidentiality
High
Integrity
High
Availability
None
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in perl-CGI-Session. This vulnerability allows a remote attacker to predict session identifiers due to the use of low-entropy sources in the `generate_id` method. By predicting a session identifier, an attacker can impersonate a user's session, leading to a bypass of authentication mechanisms and potential unauthorized access to sensitive information or functionality.
CWE
CWE-331Affected Products
Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7