Vulnerability in Burak Gd::securityimage
CVE-2026-13082
GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. The random method creates the challenge text used for the CAPTCHA by sampling characters from an array using Perl's built-in rand function, and generates a (by…
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.
Affected products
- Burak Gd::securityimage — versions 0
Weakness classification (CWE)
References
- 9b29abf9-4ab0-4765-b253-1875cd9b441e (related)
- 9b29abf9-4ab0-4765-b253-1875cd9b441e (patch)
Frequently asked questions
- What is CVE-2026-13082?
- CVE-2026-13082 is a medium-severity vulnerability in Burak Gd::securityimage, classified under Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG). CVSS score: 5.3/10. Published 2026-07-17.
- How severe is CVE-2026-13082?
- Medium severity. CVSS v3 base score is 5.3 out of 10.