Browse all 5 CVE security advisories affecting TOKUHIROM. AI-powered Chinese analysis, POCs, and references for each vulnerability.
TOKUHIROM develops Perl modules primarily for web application development and system utilities, with core use cases in network services and data processing. Historically, vulnerabilities associated with this developer include remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure default configurations. While no major public security incidents have been documented, the 5 CVEs on record highlight recurring issues in parameter handling and access control. Security characteristics suggest a pattern of vulnerabilities in web-facing components, emphasizing the need for strict input sanitization and proper privilege management in implementations using these modules.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5082 | Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id — Amon2::Plugin::Web::CSRFDefenderCWE-340 | 7.5AI | HighAI | 2026-04-08 |
| CVE-2025-15604 | Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions — Amon2CWE-340 | 5.9 | - | 2026-03-28 |
| CVE-2026-3257 | UnQLite versions through 0.06 for Perl uses a potentially insecure version of the UnQLite library — UnQLiteCWE-1395 | 9.8 | - | 2026-03-05 |
| CVE-2018-25160 | HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend — HTTP::Session2CWE-20 | 9.8 | - | 2026-02-27 |
| CVE-2026-3255 | HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function — HTTP::Session2CWE-340 | 3.7 | - | 2026-02-27 |
This page lists every published CVE security advisory associated with TOKUHIROM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.