PatchSiren

ETHER CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL ETHER CVE published 2026-06-09

CVE-2009-10007

CVE-2009-10007 is a critical vulnerability in Catalyst::Plugin::Authentication versions before 0.10_027 for Perl. The plugin does not automatically change the session id after authentication, making it susceptible to session fixation attacks. An attacker who obtains a session id cookie can use this to impersonate the victim.