THREAT OPS › Threat News › CVE-2026-15747: Mojolicious versions from 4.59 before 9.48 for Perl expose a stable representation of the session CSRF token to a BREACH compression oracle
CVE-2026-15747: Mojolicious versions from 4.59 before 9.48 for Perl expose a stable representation of the session CSRF token to a BREACH compression oracle
<p>Posted by Stig Palmquist on Jul 14</p>========================================================================<br /> CVE-2026-15747 CPAN Security Group<br /> ========================================================================<br /> <br /> CVE ID: CVE-2026-15747<br /> Distribution: Mojolicious<br /> Versions: from 4.59 before 9.48<br
MITRE ATT&CK techniques
- CompressionT1027.015
Indicators of compromise
- CVE-2026-15747cve
- https://metacpan.org/dist/Mojoliciousurl
Original source: https://seclists.org/oss-sec/2026/q3/146