1. CVE-2026-5084: WebDyne::Session ≤2.075 Flaw Generates Predictable Session IDs via MD5 and rand(), Enabling Hijacking
A high-severity vulnerability has been identified in WebDyne::Session versions up to and including 2.075, potentially exposing web applications to session hijacking attacks. The flaw, tracked as CVE-2026-5084, stems from the module's use of cryptographically weak session ID generation. Specifically, the software relies...