VYPR

CWE-340

Generation of Predictable Numbers or Identifiers

Abstraction: Class
Status: Incomplete

Description

The product uses a scheme that generates numbers or identifiers that are more predictable than required.

Hierarchy (View 1000)

CVEs mapped to this weakness (33)

page 1 of 2
  • CVE-2026-3256 (Critical) Mar 28, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the…

  • CVE-2026-5081 (Critical) May 6, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_ID environment variable for the session id. The UNIQUE_ID variable is set by the…

  • CVE-2026-5085 (Critical) Apr 13, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id. The same method is used in the…

  • CVE-2025-40931 (Critical) Mar 5, 2026
    risk 0.59 · cvss 9.1 · epss 0.01

    Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID.…

  • CVE-2025-15604 (Critical) Mar 28, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by…

  • CVE-2026-40496 (Critical) Apr 21, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable formula: `md5(APP_KEY + attachment_id + size)`. Since attachment_id is sequential and size can be brute-forced in a small…

  • CVE-2025-40925 (Critical) Sep 20, 2025
    risk 0.52 · cvss 9.1 · epss 0.00

    Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of…

  • CVE-2026-2473 (High) Feb 20, 2026
    risk 0.50 · cvss n/a · epss 0.00

    Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to (but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via…

  • CVE-2025-40933 (High) Sep 17, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely. Session ids are generated using an MD5 hash of the epoch time and a call to the built-in rand function. The epoch time may be guessed, if it is not leaked from the HTTP Date header. The…

  • CVE-2025-40920 (High) Aug 11, 2025
    risk 0.49 · cvss 8.6 · epss 0.00

    Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs. * Data::UUID returns v3 UUIDs, which are generated from known…

  • CVE-2026-45673 (Medium) Jun 12, 2026
    risk 0.44 · cvss 6.8 · epss 0.00

    Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination…

  • CVE-2026-5084 (Medium) May 11, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    WebDyne::Session versions through 2.075 for Perl generates the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function. The rand function is passed a maximum value based on the process id, the epoch…

  • CVE-2026-4269 (High) Mar 16, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. This issue only affects users of the Bedrock AgentCore…

  • CVE-2025-40919 (Medium) Jul 16, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be…

  • CVE-2025-13044 (Medium) Apr 7, 2026
    risk 0.40 · cvss 6.2 · epss 0.00

    IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2025-40923 (High) Jul 16, 2025
    risk 0.40 · cvss 7.3 · epss 0.00

    Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time…

  • CVE-2026-5080 (Medium) Apr 30, 2026
    risk 0.38 · cvss 5.9 · epss 0.00

    Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand() function to return a…

  • CVE-2025-59452 (Medium) Oct 6, 2025
    risk 0.38 · cvss 5.8 · epss 0.00

    The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50.

  • CVE-2023-34049 (Medium) Nov 14, 2024
    risk 0.37 · cvss 6.7 · epss 0.00

    The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH…

  • CVE-2026-8503 (Medium) May 15, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids. Apache::Session::Generate::SHA256 generated session ids insecurely. The default session id generator returns a SHA-256 hash of the built-in rand() function, the epoch time, and the…