Review
GARU
CVE published 2026-07-17
CVE-2026-13410
CVE-2026-13410 was reported in Dancer::Plugin::Auth::Google versions through 0.07 for Perl. The default user agent is initialized with SSL_verify_mode explicitly disabled. This CVE record was published on 2026-07-17T13:17:56.663Z and has not been modified since then. The vulnerability allows an attacker with network man-in-the-middle capability to intercept the OAuth2 token exchange and userinfo fetch, re [truncated]