[HIGH] Auth0 PHP SDK has Insufficient Entropy in Cookie Encryption

PKSA-3nzc-cgjr-2gwf CVE-2026-34236 GHSA-w3wc-44p4-m4j7

Affected package: auth0/auth0-php

Affected version: >=8.0.0,<=8.18.0

Reported by:
GitHub