Skip to main content

CWE-331

Insufficient Entropy

90 CVEs Avg CVSS 7.2 MITRE
15
CRITICAL
38
HIGH
33
MEDIUM
1
LOW
12
POC
0
KEV

Monthly

CVE-2026-11403 HIGH PATCH This Week

Improper API key generation in Sonatype Nexus Repository Manager lets a remote attacker impersonate a targeted user and perform repository operations on their behalf. The flaw stems from insufficient entropy (CWE-331) in format-specific API key realms, so an attacker who can predict or reconstruct a victim's key gains their access without credentials. The vendor (Sonatype) reported and patched the issue in release 3.93.0; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Docker Authentication Bypass Node.js Nexus Repository Manager
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-13199 MEDIUM PATCH This Month

Predictable KASLR offsets and RNG seeds in Raspberry Pi 5 and Compute Module 5 EEPROM firmware undermine kernel address space layout randomization across all affected devices and reboots. Because the entropy source is deterministic, any attacker who can identify the firmware version can predict kernel memory addresses, reducing KASLR to a known-offset bypass. This does not itself enable code execution, but it significantly lowers the bar for chaining with any memory-corruption vulnerability targeting these devices. No public exploit code has been identified at time of analysis and this is not listed in the CISA KEV catalog.

Information Disclosure Raspberry Pi 5 And Compute Module 5
NVD GitHub
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-4930 HIGH This Week

Reduced cryptographic key protection in Silicon Labs' SiXG301 SYMCRYPTO hardware engine (exposed via the Simplicity SDK PSA crypto library) allows an attacker who already has on-device code execution to weaken the engine's Differential Power Analysis (DPA) countermeasures by forcing low-entropy seed values, making AES/hashing keys far easier to recover through subsequent power-analysis side-channel attacks. The flaw affects embedded systems built on the SiXG301 SoC and was reported by Silicon Labs. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; exploitation also requires physical access to the device for the power measurements.

RCE Simplicity Sdk
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-46473 HIGH PATCH This Week

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

Information Disclosure Authen
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8700 HIGH PATCH This Week

Cryptographic weakness in Crypt::DSA for Perl versions before 1.20 allows remote attackers to predict DSA key material because seeds are generated with Perl's built-in rand() function instead of a cryptographically secure random source. Any DSA keys, signatures, or nonces produced by affected versions may be recoverable through brute-force or statistical analysis of the predictable PRNG state. No public exploit identified at time of analysis, and EPSS probability is negligible (0.01%), but the cryptographic primitive failure means all keys generated by vulnerable versions should be considered untrusted.

Information Disclosure
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-46474 HIGH PATCH This Week

Insufficient entropy in Trog::TOTP for Perl (versions before 1.006) allows remote attackers to predict TOTP secrets generated using Perl's built-in rand() function, undermining the security of two-factor authentication tokens issued by applications relying on this module. The flaw was reported by CPANSec and a fixed release (1.006) is available on CPAN. No public exploit identified at time of analysis, and the EPSS score is very low (0.02%).

Information Disclosure Trog
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-14972 MEDIUM This Month

Insufficient randomness in DPA countermeasures within the SYMCRYPTO engine on Silicon Labs SixG301xxx devices enables physical attackers to extract cryptographic keys through side-channel analysis. The predictable countermeasure patterns eventually repeat, undermining differential power analysis (DPA) protections for Key Storage Unit (KSU) keys. While exploitation requires physical access and sophisticated equipment (CVSS 4.0 AV:P/AC:H), successful attacks achieve high confidentiality impact by recovering symmetric cryptographic keys. No public exploit code or CISA KEV listing exists at time of analysis, and EPSS data is not available for this recently disclosed vulnerability.

Information Disclosure
NVD
CVSS 4.0
4.1
EPSS
0.0%
CVE-2026-4827 HIGH CISA This Week

Weak session token generation in Schneider Electric industrial protection relays and energy management systems allows remote attackers to hijack authenticated user sessions via network-based prediction attacks. Affects 36 product variants across Easergy MiCOM P30/P40/C264, PowerLogic P5/P7/T-series, EcoStruxure Power Automation/Operation platforms, and iPMFLS systems. CVSS 8.7 reflects high confidentiality and integrity impact with user interaction required. No active exploitation confirmed (not in CISA KEV), but authentication bypass via session prediction enables privilege escalation in critical infrastructure environments. EPSS data not provided - risk assessment relies on CVSS vector and operational technology context.

Authentication Bypass Easergy Micom C264 Easergy C5 Easergy Micom P30 Easergy Micom P40 +10
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-7210 MEDIUM PATCH This Month

XML parsers in CPython's xml.parsers.expat and xml.etree.ElementTree modules use insufficient entropy for Expat hash-flooding protection, allowing crafted XML documents to trigger algorithmic complexity attacks (hash flooding) that degrade parser performance. Remote attackers can exploit this with complex XML payloads to cause denial of service. Mitigation requires both updating libexpat to 2.8.0 or later and applying the CPython patch, as confirmed by Python Software Foundation security advisory.

Information Disclosure Cpython
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-2336 HIGH PATCH This Week

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03.

Privilege Escalation Istax
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Improper API key generation in Sonatype Nexus Repository Manager lets a remote attacker impersonate a targeted user and perform repository operations on their behalf. The flaw stems from insufficient entropy (CWE-331) in format-specific API key realms, so an attacker who can predict or reconstruct a victim's key gains their access without credentials. The vendor (Sonatype) reported and patched the issue in release 3.93.0; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Docker Authentication Bypass Node.js +1
NVD
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Predictable KASLR offsets and RNG seeds in Raspberry Pi 5 and Compute Module 5 EEPROM firmware undermine kernel address space layout randomization across all affected devices and reboots. Because the entropy source is deterministic, any attacker who can identify the firmware version can predict kernel memory addresses, reducing KASLR to a known-offset bypass. This does not itself enable code execution, but it significantly lowers the bar for chaining with any memory-corruption vulnerability targeting these devices. No public exploit code has been identified at time of analysis and this is not listed in the CISA KEV catalog.

Information Disclosure Raspberry Pi 5 And Compute Module 5
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

Reduced cryptographic key protection in Silicon Labs' SiXG301 SYMCRYPTO hardware engine (exposed via the Simplicity SDK PSA crypto library) allows an attacker who already has on-device code execution to weaken the engine's Differential Power Analysis (DPA) countermeasures by forcing low-entropy seed values, making AES/hashing keys far easier to recover through subsequent power-analysis side-channel attacks. The flaw affects embedded systems built on the SiXG301 SoC and was reported by Silicon Labs. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; exploitation also requires physical access to the device for the power measurements.

RCE Simplicity Sdk
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

Information Disclosure Authen
NVD GitHub VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Cryptographic weakness in Crypt::DSA for Perl versions before 1.20 allows remote attackers to predict DSA key material because seeds are generated with Perl's built-in rand() function instead of a cryptographically secure random source. Any DSA keys, signatures, or nonces produced by affected versions may be recoverable through brute-force or statistical analysis of the predictable PRNG state. No public exploit identified at time of analysis, and EPSS probability is negligible (0.01%), but the cryptographic primitive failure means all keys generated by vulnerable versions should be considered untrusted.

Information Disclosure
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Insufficient entropy in Trog::TOTP for Perl (versions before 1.006) allows remote attackers to predict TOTP secrets generated using Perl's built-in rand() function, undermining the security of two-factor authentication tokens issued by applications relying on this module. The flaw was reported by CPANSec and a fixed release (1.006) is available on CPAN. No public exploit identified at time of analysis, and the EPSS score is very low (0.02%).

Information Disclosure Trog
NVD VulDB
EPSS 0% CVSS 4.1
MEDIUM This Month

Insufficient randomness in DPA countermeasures within the SYMCRYPTO engine on Silicon Labs SixG301xxx devices enables physical attackers to extract cryptographic keys through side-channel analysis. The predictable countermeasure patterns eventually repeat, undermining differential power analysis (DPA) protections for Key Storage Unit (KSU) keys. While exploitation requires physical access and sophisticated equipment (CVSS 4.0 AV:P/AC:H), successful attacks achieve high confidentiality impact by recovering symmetric cryptographic keys. No public exploit code or CISA KEV listing exists at time of analysis, and EPSS data is not available for this recently disclosed vulnerability.

Information Disclosure
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Weak session token generation in Schneider Electric industrial protection relays and energy management systems allows remote attackers to hijack authenticated user sessions via network-based prediction attacks. Affects 36 product variants across Easergy MiCOM P30/P40/C264, PowerLogic P5/P7/T-series, EcoStruxure Power Automation/Operation platforms, and iPMFLS systems. CVSS 8.7 reflects high confidentiality and integrity impact with user interaction required. No active exploitation confirmed (not in CISA KEV), but authentication bypass via session prediction enables privilege escalation in critical infrastructure environments. EPSS data not provided - risk assessment relies on CVSS vector and operational technology context.

Authentication Bypass Easergy Micom C264 Easergy C5 +12
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

XML parsers in CPython's xml.parsers.expat and xml.etree.ElementTree modules use insufficient entropy for Expat hash-flooding protection, allowing crafted XML documents to trigger algorithmic complexity attacks (hash flooding) that degrade parser performance. Remote attackers can exploit this with complex XML payloads to cause denial of service. Mitigation requires both updating libexpat to 2.8.0 or later and applying the CPython patch, as confirmed by Python Software Foundation security advisory.

Information Disclosure Cpython
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03.

Privilege Escalation Istax
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy