CVEs classified under CWE-341, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-38968 — CVSS 9.8 (critical): ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in…
CVE-2026-42365 — CVSS 8.6 (high): A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted…
CVE-2025-40780 — CVSS 8.6 (high): In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to…
CVE-2025-48461 — CVSS 5.0 (medium): Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover…
CVE-2025-42925 — CVSS 4.3 (medium): Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP service, an authenticated attacker with low…
CVE-2024-10141 — CVSS 3.7 (low): A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1. This affects an unknown part of the…