CVE-2026-45180
Essential information
- Published
- 10/05/2026 21:16
- Modified
- 10/05/2026 21:16
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids.
If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host on another network), then users' session ids may be leaked. This may allow an attacker to use session ids as authentication tokens.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- 9b29abf9-4ab0-4765-b253-1875cd9b441e
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| cpan / catalyst | cpe:2.3:a:cpan:catalyst::plugin::statsd:<0.10.0:*:*:*:*:*:*:* |