Skip to main content

CWE-337

Predictable Seed in Pseudo-Random Number Generator (PRNG)

5 CVEs Avg CVSS 6.9 MITRE
0
CRITICAL
4
HIGH
0
MEDIUM
1
LOW
1
POC
0
KEV

Monthly

CVE-2026-26018 Go HIGH POC PATCH This Week

Coredns versions up to 1.14.2 contains a vulnerability that allows attackers to crash the DNS server by sending specially crafted DNS queries (CVSS 7.5).

Denial Of Service DNS Red Hat Coredns Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25235 HIGH This Week

Pearweb versions up to 1.33.0 contains a vulnerability that allows attackers to guess verification tokens and potentially verify election account requests witho (CVSS 7.5).

PHP Pearweb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-55069 HIGH This Month

A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2025-20613 LOW Monitor

Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via local access. Rated low severity (CVSS 2.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel
NVD
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-7770 HIGH This Month

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-26018 Go
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Coredns versions up to 1.14.2 contains a vulnerability that allows attackers to crash the DNS server by sending specially crafted DNS queries (CVSS 7.5).

Denial Of Service DNS Red Hat +2
NVD GitHub
CVE-2026-25235
EPSS 0% CVSS 7.5
HIGH This Week

Pearweb versions up to 1.33.0 contains a vulnerability that allows attackers to guess verification tokens and potentially verify election account requests witho (CVSS 7.5).

PHP Pearweb
NVD GitHub
CVE-2025-55069
EPSS 0% CVSS 8.7
HIGH This Month

A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVE-2025-20613
EPSS 0% CVSS 2.0
LOW Monitor

Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via local access. Rated low severity (CVSS 2.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel
NVD
CVE-2025-7770
EPSS 0% CVSS 8.7
HIGH This Month

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy