Vulnerability in Burak Gd::securityimage

CVE-2026-13082

GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. The random method creates the challenge text used for the CAPTCHA by sampling characters from an array using Perl's built-in rand function, and generates a (by…

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-13082?
CVE-2026-13082 is a medium-severity vulnerability in Burak Gd::securityimage, classified under Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG). CVSS score: 5.3/10. Published 2026-07-17.
How severe is CVE-2026-13082?
Medium severity. CVSS v3 base score is 5.3 out of 10.