CVE-2026-5087: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator in JJNAPIORK PAGI::Middleware::Session::Store::Cookie
PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely. PAGI::Middleware::Session::Store::Cookie attempts to read bytes from the /dev/urandom device directly. If that fails (for example, on systems without the device, such as Windows), then it will emit a warning that recommends the user install Crypt::URandom, and then return a string of random bytes generated by the built-in rand function, which is unsuitable for cryptographic applications. This modules does not use the Crypt::URandom module, and installing it will not fix the problem. The random bytes are used for generating an initialisation vector (IV) to encrypt the cookie. A predictable IV may make it easier for malicious users to decrypt and tamper with the session data that is stored in the cookie.
AI Analysis
Technical Summary
CVE-2026-5087 identifies a vulnerability in PAGI::Middleware::Session::Store::Cookie (versions through 0.001003) where the generation of random bytes for the encryption IV is insecure. The module attempts to read from /dev/urandom; if this fails (e.g., on Windows systems), it emits a warning and uses the built-in rand function to generate random bytes. Since rand is not cryptographically secure, the resulting IV is predictable. This weakness can compromise the confidentiality of session cookies by making it easier for attackers to decrypt or tamper with them. The module does not utilize the Crypt::URandom module, and installing Crypt::URandom does not mitigate the vulnerability. There is no known patch or vendor advisory indicating a fix.
Potential Impact
The use of a predictable initialization vector in cookie encryption can lead to the compromise of session confidentiality. Attackers may decrypt or manipulate session data stored in cookies, potentially leading to unauthorized access or session hijacking. The vulnerability affects confidentiality (high impact) but does not affect integrity or availability directly. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or patch is available, users should consider alternative secure session management modules that use cryptographically secure random number generators. Installing Crypt::URandom does not mitigate the issue. Until a fix is released, avoid using this module in security-sensitive contexts.
CVE-2026-5087: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator in JJNAPIORK PAGI::Middleware::Session::Store::Cookie
Description
PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely. PAGI::Middleware::Session::Store::Cookie attempts to read bytes from the /dev/urandom device directly. If that fails (for example, on systems without the device, such as Windows), then it will emit a warning that recommends the user install Crypt::URandom, and then return a string of random bytes generated by the built-in rand function, which is unsuitable for cryptographic applications. This modules does not use the Crypt::URandom module, and installing it will not fix the problem. The random bytes are used for generating an initialisation vector (IV) to encrypt the cookie. A predictable IV may make it easier for malicious users to decrypt and tamper with the session data that is stored in the cookie.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-5087 identifies a vulnerability in PAGI::Middleware::Session::Store::Cookie (versions through 0.001003) where the generation of random bytes for the encryption IV is insecure. The module attempts to read from /dev/urandom; if this fails (e.g., on Windows systems), it emits a warning and uses the built-in rand function to generate random bytes. Since rand is not cryptographically secure, the resulting IV is predictable. This weakness can compromise the confidentiality of session cookies by making it easier for attackers to decrypt or tamper with them. The module does not utilize the Crypt::URandom module, and installing Crypt::URandom does not mitigate the vulnerability. There is no known patch or vendor advisory indicating a fix.
Potential Impact
The use of a predictable initialization vector in cookie encryption can lead to the compromise of session confidentiality. Attackers may decrypt or manipulate session data stored in cookies, potentially leading to unauthorized access or session hijacking. The vulnerability affects confidentiality (high impact) but does not affect integrity or availability directly. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or patch is available, users should consider alternative secure session management modules that use cryptographically secure random number generators. Installing Crypt::URandom does not mitigate the issue. Until a fix is released, avoid using this module in security-sensitive contexts.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- CPANSec
- Date Reserved
- 2026-03-28T19:29:58.433Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 69cbf4f5e6bfc5ba1d2745d0
Added to database: 3/31/2026, 4:23:17 PM
Last enriched: 4/8/2026, 3:09:06 AM
Last updated: 5/16/2026, 8:01:55 AM
Views: 60
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.