CVEs classified under CWE-337, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2025-7770: Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a…
CVE-2025-55069 — CVSS 8.3 (high): A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The…
CVE-2026-26018 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection…
CVE-2026-25235 — CVSS 7.5 (high): PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow…
CVE-2025-62710 — CVSS 5.9 (medium): Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an…
CVE-2016-15006 — CVSS 3.7 (low): A vulnerability, which was classified as problematic, has been found in enigmaX up to 2.2. This issue affects the function getSeed of the…
CVE-2025-20613 — CVSS 3.3 (low): Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to…