Common Weakness Enumeration
CWE-331
AllowedInsufficient Entropy
Abstraction: Base · Status: Draft
The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
207 vulnerabilities reference this CWE, most recent first.
CVE-2026-4930 (GCVE-0-2026-4930)
Vulnerability from cvelistv5 – Published: 2026-06-25 18:39 – Updated: 2026-06-25 19:03
VLAI
EPSS
VEX
Title
DPA Countermeasures weakening on Series 3 devices
Summary
SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations (AES encryption/decryption and hashing).
DPA Countermeasures on SYMCRYPTO can be weakened (reduced entropy) by forcing certain seed values if an attacker gains code execution capability on the impacted device.
* Therefore, the keys loaded on SYMCRYPTO may be more vulnerable to extraction through DPA attacks than intended
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient entropy
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.silabs.com/068Vm00000sjHs3 | third-party-advisorypermissions-required |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| silabs.com | Simplicity SDK |
Affected:
0 , ≤ *.*
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4930",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-25T19:03:07.263017Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T19:03:41.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "SiSDK",
"product": "Simplicity SDK",
"vendor": "silabs.com",
"versions": [
{
"lessThanOrEqual": "*.*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SYMCRYPTO is the SiXG301\u0027s host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations (AES encryption/decryption and hashing).\n\u003cbr\u003e\u003cbr\u003e\u003cdiv\u003eDPA Countermeasures on SYMCRYPTO can be weakened (reduced entropy) by forcing certain seed values if an attacker gains code execution capability on the impacted device.\n\u003cbr\u003e\u003cul\u003e\u003cli\u003eTherefore, the keys loaded on SYMCRYPTO may be more vulnerable to extraction through DPA attacks than intended\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
}
],
"value": "SYMCRYPTO is the SiXG301\u0027s host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations (AES encryption/decryption and hashing).\n\n\nDPA Countermeasures on SYMCRYPTO can be weakened (reduced entropy) by forcing certain seed values if an attacker gains code execution capability on the impacted device.\n\n * Therefore, the keys loaded on SYMCRYPTO may be more vulnerable to extraction through DPA attacks than intended"
}
],
"impacts": [
{
"capecId": "CAPEC-97",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-97 Cryptanalysis"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T18:39:26.379Z",
"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
"shortName": "Silabs"
},
"references": [
{
"tags": [
"third-party-advisory",
"permissions-required"
],
"url": "https://community.silabs.com/068Vm00000sjHs3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "DPA Countermeasures weakening on Series 3 devices",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
"assignerShortName": "Silabs",
"cveId": "CVE-2026-4930",
"datePublished": "2026-06-25T18:39:26.379Z",
"dateReserved": "2026-03-26T19:20:56.943Z",
"dateUpdated": "2026-06-25T19:03:41.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4827 (GCVE-0-2026-4827)
Vulnerability from cvelistv5 – Published: 2026-05-12 12:24 – Updated: 2026-05-14 17:38
VLAI
EPSS
VEX
Title
Insufficient Entropy vulnerability on Multiple Products
Summary
CWE‑331: Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session‑management protections.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient entropy
Assigner
References
1 reference
Impacted products
14 products
| Vendor | Product | Version | |
|---|---|---|---|
| Schneider Electric | Easergy MiCOM C264 |
Affected:
Versions D6.x
Affected: Versions D7.33 and prior |
|
| Schneider Electric | Easergy C5 |
Affected:
Version 1.1.17 and prior
|
|
| Schneider Electric | Easergy MiCOM P30 |
Affected:
P139 version prior to P139.678.700
Affected: P437 version prior to P437.678.700 Affected: P439 version prior to P439.678.700 Affected: P532 version prior to P532.678.700 Affected: P539 version prior to P539.678.700 Affected: P631 version prior to P631.678.700 Affected: P632 version prior to P632.678.700 Affected: P633 version prior to P633.678.700 Affected: P634 version prior to P634.678.700 Affected: P633 version P633.680.700 only Affected: P634 version P634.680.700 only Affected: P138 version prior to P138.677.700 Affected: P436 version prior to P436.677.701 Affected: P438 version prior to P438.677.701 Affected: P638 version prior to P638.677.700 Affected: C434 version prior to C434.679.700 |
|
| Schneider Electric | Easergy MiCOM P40 |
Affected:
Series model numbers with Protocol Option bit as G, H or L and all firmware versions
|
|
| Schneider Electric | EcoStruxure™ Power Automation System Gateway (EPAS-GTW) |
Affected:
Version 6.4.616.200.100 and prior
|
|
| Schneider Electric | EcoStruxure™ Power Automation System User Interface (EPAS-UI) |
Affected:
Version 3.0.3 and prior
|
|
| Schneider Electric | EcoStruxure™ Power Operation |
Affected:
Version 2022 CU6 and prior
Affected: Version 2024 CU2 and prior |
|
| Schneider Electric | iPMFLS |
Affected:
Version 64.2025.0.13 and prior
|
|
| Schneider Electric | PowerLogic™ P5 Protection Relay |
Affected:
V02.502.103 and prior
|
|
| Schneider Electric | PowerLogic™ P7 Protection and Control Platform |
Affected:
V02.002.002 and prior
|
|
| Schneider Electric | PowerLogic™ T300 |
Affected:
Version 2.9.4 and prior
|
|
| Schneider Electric | PowerLogic™ T500 |
Affected:
Version 11.08.02 and prior
|
|
| Schneider Electric | Saitel DP |
Affected:
Version 11.06.36 and prior
|
|
| Schneider Electric | EasyLogic T150 (formerly Saitel DR) |
Affected:
Version 11.06.30 and prior
|
Date Public
2026-05-12 16:49
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T12:39:02.210471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:39:31.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Easergy MiCOM C264",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions D6.x"
},
{
"status": "affected",
"version": "Versions D7.33 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Easergy C5",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 1.1.17 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Easergy MiCOM P30",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "P139 version prior to P139.678.700"
},
{
"status": "affected",
"version": "P437 version prior to P437.678.700"
},
{
"status": "affected",
"version": "P439 version prior to P439.678.700"
},
{
"status": "affected",
"version": "P532 version prior to P532.678.700"
},
{
"status": "affected",
"version": "P539 version prior to P539.678.700"
},
{
"status": "affected",
"version": "P631 version prior to P631.678.700"
},
{
"status": "affected",
"version": "P632 version prior to P632.678.700"
},
{
"status": "affected",
"version": "P633 version prior to P633.678.700"
},
{
"status": "affected",
"version": "P634 version prior to P634.678.700"
},
{
"status": "affected",
"version": "P633 version P633.680.700 only"
},
{
"status": "affected",
"version": "P634 version P634.680.700 only"
},
{
"status": "affected",
"version": "P138 version prior to P138.677.700"
},
{
"status": "affected",
"version": "P436 version prior to P436.677.701"
},
{
"status": "affected",
"version": "P438 version prior to P438.677.701"
},
{
"status": "affected",
"version": "P638 version prior to P638.677.700"
},
{
"status": "affected",
"version": "C434 version prior to C434.679.700"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Easergy MiCOM P40",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Series model numbers with Protocol Option bit as G, H or L and all firmware versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure\u2122 Power Automation System Gateway (EPAS-GTW)",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 6.4.616.200.100 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure\u2122 Power Automation System User Interface (EPAS-UI)",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 3.0.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EcoStruxure\u2122 Power Operation",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 2022 CU6 and prior"
},
{
"status": "affected",
"version": "Version 2024 CU2 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iPMFLS",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 64.2025.0.13 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerLogic\u2122 P5 Protection Relay",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V02.502.103 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerLogic\u2122 P7 Protection and Control Platform",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "V02.002.002 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerLogic\u2122 T300",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 2.9.4 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerLogic\u2122 T500",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 11.08.02 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Saitel DP",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 11.06.36 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EasyLogic T150 (formerly Saitel DR)",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Version 11.06.30 and prior"
}
]
}
],
"datePublic": "2026-05-12T16:49:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CWE\u2011331: Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session\u2011management protections."
}
],
"value": "CWE\u2011331: Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session\u2011management protections."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T17:38:38.647Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2026-132-02.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient Entropy vulnerability on Multiple Products",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2026-4827",
"datePublished": "2026-05-12T12:24:22.928Z",
"dateReserved": "2026-03-25T14:07:29.111Z",
"dateUpdated": "2026-05-14T17:38:38.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2878 (GCVE-0-2026-2878)
Vulnerability from cvelistv5 – Published: 2026-02-25 14:45 – Updated: 2026-02-27 17:06
VLAI
EPSS
VEX
Title
Insufficient Entropy Vulnerability in Telerik UI for ASP.NET AJAX
Summary
In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient Entropy
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.telerik.com/products/aspnet-ajax/docu… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Progress Software | Telerik UI for ASP.NET AJAX |
Affected:
2011.2.712 , < 2026.1.225
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T17:06:09.729072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T17:06:16.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Telerik UI for ASP.NET AJAX",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "2026.1.225",
"status": "affected",
"version": "2011.2.712",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Monetary Authority of Singapore"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress\u00ae Telerik\u00ae UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering."
}
],
"value": "In Progress\u00ae Telerik\u00ae UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering."
}
],
"impacts": [
{
"capecId": "CAPEC-149",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-149 Explore for Predictable Temporary File Names"
}
]
},
{
"capecId": "CAPEC-26",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-26 Leveraging Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T14:45:11.142Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.telerik.com/products/aspnet-ajax/documentation/knowledge-base/kb-security-insufficient-entropy-cve-2026-2878"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient Entropy Vulnerability in Telerik UI for ASP.NET AJAX",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2026-2878",
"datePublished": "2026-02-25T14:45:11.142Z",
"dateReserved": "2026-02-20T16:20:51.770Z",
"dateUpdated": "2026-02-27T17:06:16.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2541 (GCVE-0-2026-2541)
Vulnerability from cvelistv5 – Published: 2026-02-15 11:07 – Updated: 2026-02-17 17:06
VLAI
EPSS
VEX
Title
Micca KE700 Brute-force vulnerability due to low entropy
Summary
The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation simplify an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient Entropy
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://asrg.io/security-advisories/cve-2026-2541/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micca Auto Electronics Co., Ltd. | Car Alarm System KE700 |
Affected:
KE700
Unknown: KE700+ |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2541",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-17T16:42:16.545829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-17T17:06:46.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Car Alarm System KE700",
"vendor": "Micca Auto Electronics Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "KE700"
},
{
"status": "unknown",
"version": "KE700+"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Danilo Erazo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation simplify an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle."
}
],
"value": "The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation simplify an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112: Brute Force"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:H/V:D/RE:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331: Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-15T11:07:40.539Z",
"orgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"shortName": "ASRG"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://asrg.io/security-advisories/cve-2026-2541/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003e\u003cb\u003eIncrease entropy:\u003c/b\u003e The random component of the code must be significantly larger. A 16-bit keyspace is insecure by modern standards. A minimum of 64 bits of entropy would make a brute-force attack computationally infeasible.\u003c/li\u003e\n\u003c/ul\u003e"
}
],
"value": "* Increase entropy: The random component of the code must be significantly larger. A 16-bit keyspace is insecure by modern standards. A minimum of 64 bits of entropy would make a brute-force attack computationally infeasible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Micca KE700 Brute-force vulnerability due to low entropy",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"assignerShortName": "ASRG",
"cveId": "CVE-2026-2541",
"datePublished": "2026-02-15T11:07:40.539Z",
"dateReserved": "2026-02-15T10:49:23.973Z",
"dateUpdated": "2026-02-17T17:06:46.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2336 (GCVE-0-2026-2336)
Vulnerability from cvelistv5 – Published: 2026-04-16 17:02 – Updated: 2026-04-16 17:34
VLAI
EPSS
VEX
Title
Weak webstax_auth Cookie Authentication Allows Privilege Escalation
Summary
A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient entropy
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.microchip.com/en-us/solutions/technol… | vendor-advisory |
Date Public
2026-04-14 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-16T17:34:33.723469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T17:34:39.672Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "IStaX",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2026.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rickard Jonsson"
}
],
"datePublic": "2026-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own \u003ccode\u003ewebstax_auth\u003c/code\u003e session cookie and forge a new cookie with administrative privileges.\u003cp\u003eThis issue affects IStaX before 2026.03.\u003c/p\u003e"
}
],
"value": "A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T17:02:06.352Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/istax-privilege-escalation-via-weak-cookie-authentication"
}
],
"source": {
"advisory": "PSIRT-123",
"discovery": "EXTERNAL"
},
"title": "Weak webstax_auth Cookie Authentication Allows Privilege Escalation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Restrict access to the management interface to trusted networks and trusted users until devices can be upgraded."
}
],
"value": "Restrict access to the management interface to trusted networks and trusted users until devices can be upgraded."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2026-2336",
"datePublished": "2026-04-16T17:02:06.352Z",
"dateReserved": "2026-02-11T10:30:26.167Z",
"dateUpdated": "2026-04-16T17:34:39.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1814 (GCVE-0-2026-1814)
Vulnerability from cvelistv5 – Published: 2026-02-03 14:54 – Updated: 2026-02-26 15:04
VLAI
EPSS
VEX
Title
Rapid7 Nexpose Insecure Java Keystore Password Generation
Summary
Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword() method. When updating legacy keystore passwords, the application generates a new password with insufficient length (7-12 characters) and a static prefix 'p', resulting in a weak keyspace. An attacker with access to the nsc.ks file can brute-force this password using consumer-grade hardware to decrypt stored credentials.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient Entropy
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.atredis.com/disclosure | exploitthird-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Rapid7 | InsightVM/Nexpose |
Affected:
6.4.50 , < 8.36.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1814",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T04:55:53.093730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:28.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"CredentialsKeyStorePassword class (NSCStartupService)"
],
"platforms": [
"Linux",
"Windows"
],
"product": "InsightVM/Nexpose",
"vendor": "Rapid7",
"versions": [
{
"lessThan": "8.36.0",
"status": "affected",
"version": "6.4.50",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Justin Kennedy"
},
{
"lang": "en",
"type": "sponsor",
"value": "Atredis Partners"
},
{
"lang": "en",
"type": "finder",
"value": "Stephen Breen"
},
{
"lang": "en",
"type": "finder",
"value": "Phil Brass"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword() method. When updating legacy keystore passwords, the application generates a new password with insufficient length (7-12 characters) and a static prefix \u0027p\u0027, resulting in a weak keyspace. An attacker with access to the nsc.ks file can brute-force this password using consumer-grade hardware to decrypt stored credentials."
}
],
"value": "Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword() method. When updating legacy keystore passwords, the application generates a new password with insufficient length (7-12 characters) and a static prefix \u0027p\u0027, resulting in a weak keyspace. An attacker with access to the nsc.ks file can brute-force this password using consumer-grade hardware to decrypt stored credentials."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T19:30:52.884Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"exploit",
"third-party-advisory"
],
"url": "https://www.atredis.com/disclosure"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "InsightVM or Nexpose customers with automatic product updates enabled will receive and process this update when it is released. Customers who manually control their own update version can utilize the manual update process within the security console to update to version 8.36.0 when it is made available. We recommend those customers schedule this update as soon as reasonably possible.\u003cbr\u003e"
}
],
"value": "InsightVM or Nexpose customers with automatic product updates enabled will receive and process this update when it is released. Customers who manually control their own update version can utilize the manual update process within the security console to update to version 8.36.0 when it is made available. We recommend those customers schedule this update as soon as reasonably possible."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Rapid7 Nexpose Insecure Java Keystore Password Generation",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2026-1814",
"datePublished": "2026-02-03T14:54:12.073Z",
"dateReserved": "2026-02-03T14:05:09.471Z",
"dateUpdated": "2026-02-26T15:04:28.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-67504 (GCVE-0-2025-67504)
Vulnerability from cvelistv5 – Published: 2025-12-09 03:31 – Updated: 2025-12-09 15:10
VLAI
EPSS
VEX
Title
WBCE CMS has Weak Random Number Generator in Password Generation Function
Summary
WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP's rand(). rand() is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege escalation if these passwords are used for new accounts or password resets. The vulnerability is fixed in version 1.6.5.
Severity
9.1 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/WBCE/WBCE_CMS/security/advisor… | x_refsource_CONFIRM |
| https://github.com/WBCE/WBCE_CMS/commit/5d59fe021… | x_refsource_MISC |
| https://cwe.mitre.org/data/definitions/338.html | x_refsource_MISC |
| https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.5 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67504",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T15:10:29.392302Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T15:10:35.359Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WBCE_CMS",
"vendor": "WBCE",
"versions": [
{
"status": "affected",
"version": "\u003c 1.6.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP\u0027s rand(). rand() is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege escalation if these passwords are used for new accounts or password resets. The vulnerability is fixed in version 1.6.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331: Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T03:31:17.723Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6"
},
{
"name": "https://github.com/WBCE/WBCE_CMS/commit/5d59fe021a5c6e469b1bf192b72ca652e54278f6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/WBCE/WBCE_CMS/commit/5d59fe021a5c6e469b1bf192b72ca652e54278f6"
},
{
"name": "https://cwe.mitre.org/data/definitions/338.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/338.html"
},
{
"name": "https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.5"
}
],
"source": {
"advisory": "GHSA-76gj-pmvx-jcc6",
"discovery": "UNKNOWN"
},
"title": "WBCE CMS has Weak Random Number Generator in Password Generation Function"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-67504",
"datePublished": "2025-12-09T03:31:17.723Z",
"dateReserved": "2025-12-08T21:19:11.206Z",
"dateUpdated": "2025-12-09T15:10:35.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66565 (GCVE-0-2025-66565)
Vulnerability from cvelistv5 – Published: 2025-12-09 01:47 – Updated: 2025-12-09 16:03
VLAI
EPSS
VEX
Title
Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values
Summary
Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator (crypto/rand) fails, both functions silently fall back to returning predictable UUID values, including the zero UUID "00000000-0000-0000-0000-000000000000". The vulnerability occurs through two related but distinct failure paths, both ultimately caused by crypto/rand.Read() failures, compromising the security of all Fiber applications using these functions for security-critical operations. This issue is fixed in version 2.0.0-rc.4.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/gofiber/utils/security/advisor… | x_refsource_CONFIRM |
| https://github.com/gofiber/utils/commit/6c6cf0470… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66565",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T14:16:58.759199Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T16:03:03.356Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/gofiber/utils/security/advisories/GHSA-m98w-cqp3-qcqr"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "utils",
"vendor": "gofiber",
"versions": [
{
"status": "affected",
"version": "github.com/gofiber/utils \u003c= 1.2.0"
},
{
"status": "affected",
"version": "github.com/gofiber/utils/v2 \u003c 2.0.0-rc.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system\u0027s cryptographic random number generator (crypto/rand) fails, both functions silently fall back to returning predictable UUID values, including the zero UUID \"00000000-0000-0000-0000-000000000000\". The vulnerability occurs through two related but distinct failure paths, both ultimately caused by crypto/rand.Read() failures, compromising the security of all Fiber applications using these functions for security-critical operations. This issue is fixed in version 2.0.0-rc.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252: Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331: Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T01:47:58.430Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/gofiber/utils/security/advisories/GHSA-m98w-cqp3-qcqr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/gofiber/utils/security/advisories/GHSA-m98w-cqp3-qcqr"
},
{
"name": "https://github.com/gofiber/utils/commit/6c6cf047032b9c8dff43d29f990b4b10e9b02d47",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gofiber/utils/commit/6c6cf047032b9c8dff43d29f990b4b10e9b02d47"
}
],
"source": {
"advisory": "GHSA-m98w-cqp3-qcqr",
"discovery": "UNKNOWN"
},
"title": "Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66565",
"datePublished": "2025-12-09T01:47:58.430Z",
"dateReserved": "2025-12-04T16:05:22.975Z",
"dateUpdated": "2025-12-09T16:03:03.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62774 (GCVE-0-2025-62774)
Vulnerability from cvelistv5 – Published: 2025-10-22 00:00 – Updated: 2025-10-22 15:48
VLAI
EPSS
VEX
Summary
On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient Entropy
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62774",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T15:48:17.236069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T15:48:43.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "M6a",
"vendor": "Mercku",
"versions": [
{
"lessThanOrEqual": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T03:01:09.790Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2025/Oct/10"
},
{
"url": "https://blog.nullvoid.me/posts/mercku-exploits/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-62774",
"datePublished": "2025-10-22T00:00:00.000Z",
"dateReserved": "2025-10-22T00:00:00.000Z",
"dateUpdated": "2025-10-22T15:48:43.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59015 (GCVE-0-2025-59015)
Vulnerability from cvelistv5 – Published: 2025-09-09 09:00 – Updated: 2025-09-09 19:31
VLAI
EPSS
VEX
Title
Insufficient Entropy in Password Generation
Summary
A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0–12.4.36 and 13.0.0–13.4.17 reduces entropy, allowing attackers to carry out brute‑force attacks more quickly.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-331 - Insufficient Entropy
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://typo3.org/security/advisory/typo3-core-sa… | vendor-advisory |
Impacted products
Date Public
2025-09-09 09:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59015",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-09T19:31:01.239247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T19:31:09.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://packagist.org",
"defaultStatus": "unaffected",
"modules": [
"Core"
],
"packageName": "typo3/cms-core",
"product": "TYPO3 CMS",
"repo": "https://github.com/TYPO3/typo3",
"vendor": "TYPO3",
"versions": [
{
"lessThan": "12.4.37",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
},
{
"lessThan": "13.4.18",
"status": "affected",
"version": "13.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mathias Brodala"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Oliver Hader"
}
],
"datePublic": "2025-09-09T09:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A deterministic three\u2011character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0\u201312.4.36 and 13.0.0\u201313.4.17 reduces entropy, allowing attackers to carry out brute\u2011force attacks more quickly."
}
],
"value": "A deterministic three\u2011character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0\u201312.4.36 and 13.0.0\u201313.4.17 reduces entropy, allowing attackers to carry out brute\u2011force attacks more quickly."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T09:00:48.801Z",
"orgId": "f4fb688c-4412-4426-b4b8-421ecf27b14a",
"shortName": "TYPO3"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2025-019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient Entropy in Password Generation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4fb688c-4412-4426-b4b8-421ecf27b14a",
"assignerShortName": "TYPO3",
"cveId": "CVE-2025-59015",
"datePublished": "2025-09-09T09:00:48.801Z",
"dateReserved": "2025-09-07T19:01:20.436Z",
"dateUpdated": "2025-09-09T19:31:09.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Implementation
Determine the necessary entropy to adequately provide for randomness and predictability. This can be achieved by increasing the number of bits of objects such as keys and seeds.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.