VYPR

CWE-336

Same Seed in Pseudo-Random Number Generator (PRNG)

VariantDraft

Description

A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized.

Given the deterministic nature of PRNGs, using the same seed for each initialization will lead to the same output in the same order. If an attacker can guess (or knows) the seed, then the attacker may be able to determine the random numbers that will be produced from the PRNG.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2)

  • CVE-2026-24044CriFeb 12, 2026
    risk 0.60cvss epss 0.00

    Element Server Suite Community Edition (ESS Community) deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook (using matrix-tools container before 0.5.7) is using an insecure Matrix server key…

  • CVE-2012-6661Nov 3, 2014
    risk 0.00cvss epss 0.02

    Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to…