Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-330

CWE-330

High likelihood

Use of Insufficiently Random Values

Parent: CWE-693 - Protection Mechanism Failure

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

364 vulnerabilities with CWE-330

CVE-2026-40975 MEDIUM

Spring Boot <4.0.6 - Weak PRNG for Secrets

CVE-2026-40496 CRITICAL

FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force

CVE-2026-40306 MEDIUM

DNN has same HostGUID for all new installs

CVE-2026-33710 HIGH

Chamilo LMS has Weak REST API Key Generation (Predictable)

CVE-2026-34511 MEDIUM

OpenClaw < 2026.4.2 - PKCE Verifier Exposure via OAuth State Parameter

CVE-2026-25072 CRITICAL

XikeStor SKS8310-8X <1.04.B07 - Auth Bypass

CVE-2026-20101 HIGH

Cisco Secure Firewall ASA/FTD - DoS

CVE-2026-28415 MEDIUM

Gradio <6.6.0 - Open Redirect

CVE-2026-27755 CRITICAL

SODOLA SL902-SWTGW124AS <200.1.20 - Auth Bypass

CVE-2026-23999 MEDIUM

Fleet <4.80.1 - Predictable PIN Generation

CVE-2026-27637 CRITICAL

FreeScout <1.8.206 - Auth Bypass

CVE-2026-27515 CRITICAL

Binardat 10G08-0800GSM <V300SP10260209 - Auth Bypass

CVE-2026-2966 LOW

Cesanta Mongoose <=7.20 - DNS Transaction ID Weakness

CVE-2026-21444 MEDIUM

libtpms <0.10.2 - Buffer Overflow

CVE-2025-15603 LOW

open-webui <=0.6.16 - Insufficient Randomness

CVE-2025-15574 MEDIUM

Solax Cloud MQTT - Authentication Bypass

CVE-2025-64097 CRITICAL

NervesHub <2.3.0 - Info Disclosure

CVE-2025-68704 HIGH

Jervis <2.2 - Info Disclosure

CVE-2025-11723 MEDIUM

Simply Schedule Appointments Booking Plugin <1.6.9.5 - Info Disclosure

CVE-2025-11707 MEDIUM

Login Lockdown & Protection <2.14 - Auth Bypass

CVE-2025-13955 CRITICAL

EZCast Pro II <1.17478.146 - Info Disclosure

CVE-2025-66511 MEDIUM

Nextcloud Calendar <6.0.3 - Info Disclosure

CVE-2025-13353 MEDIUM

gokey <0.2.0 - Info Disclosure

CVE-2025-59371 HIGH

ASUS Router Firmware - Auth Bypass

CVE-2025-13470 HIGH

RNP 0.18.0 - Confidentiality Compromise

Page 1 of 15 Next

Details

Vulnerabilities 364

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy