The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
121 vulnerabilities with CWE-331
CVE-2026-2878
MEDIUM
Progress Telerik UI for AJAX <2026.1.225 - Info Disclosure
CVSS 5.3
CVE-2025-0577
MEDIUM
glibc - Insufficient Entropy
CVSS 4.8
CVE-2026-2541
Micca KE700 - Info Disclosure
CVE-2025-7432
Silicon Labs' Series 2 - Info Disclosure
CVE-2026-1814
Rapid7 Nexpose >=6.4.50 - Info Disclosure
CVE-2025-13399
VX800v v1.0 - Info Disclosure
CVE-2026-22698
RustCrypto <0.14.0-rc.0 - RCE
CVE-2020-36925
CRITICAL
Arteco Web Client DVR/NVR - Auth Bypass
CVSS 9.8
CVE-2025-15387
HIGH
VPN Firewall - Info Disclosure
CVSS 8.8
CVE-2025-67504
CRITICAL
Wbce Cms < 1.6.5 - Privilege Escalation
CVSS 9.1
CVE-2025-66565
CRITICAL
Fiber Utils <2.0.0-rc.3 - Info Disclosure
CVSS 9.8
CVE-2025-14261
HIGH
Litmus - Auth Bypass
CVSS 7.1
CVE-2025-32898
MEDIUM
KDE Connect <2025-04-18 - Info Disclosure
CVSS 4.7
CVE-2025-62774
LOW
Mercku M6a <2.1.0 - Info Disclosure
CVSS 3.1
CVE-2024-58040
CRITICAL
Crypt::RandomEncryption 0.01 - Insecure RNG
CVSS 9.1
CVE-2025-59015
MEDIUM
TYPO3 CMS <13.4.17 - Info Disclosure
CVSS 6.5
CVE-2025-54885
Thinbus Javascript Secure Remote Password <2.0.0 - Info Disclosure
CVE-2025-50122
Unknown - Info Disclosure
CVE-2025-6931
LOW
D-Link DCS-6517/7517 <2.02.0 - Insufficient Entropy
CVSS 3.7
CVE-2025-52464
HIGH
Meshtastic <2.6.11 - Info Disclosure
CVSS 8.3
CVE-2025-47781
CRITICAL
Rallly <3.22.1 - Info Disclosure
CVSS 9.8
CVE-2024-58134
HIGH
Mojolicious <0.999922 - Info Disclosure
CVSS 8.1
CVE-2025-2814
MEDIUM
Crypt::CBC <3.05 - Info Disclosure
CVSS 4.0
CVE-2024-56370
MEDIUM
Net::Xero <0.044 - Info Disclosure
CVSS 6.5
CVE-2024-52322
MEDIUM
WebService::Xero <0.11 - Info Disclosure
CVSS 5.5
Details
Vulnerabilities
121