Common Weakness Enumeration

CWE-340

Allowed-with-Review

Generation of Predictable Numbers or Identifiers

Abstraction: Class · Status: Incomplete

The product uses a scheme that generates numbers or identifiers that are more predictable than required.

69 vulnerabilities reference this CWE, most recent first.

GHSA-PH5V-R485-JFGW

Vulnerability from github – Published: 2025-10-06 21:30 – Updated: 2025-11-26 18:31
VLAI
Details

The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-59452"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-340"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-06T20:15:36Z",
    "severity": "MODERATE"
  },
  "details": "The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device\u0027s MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50.",
  "id": "GHSA-ph5v-r485-jfgw",
  "modified": "2025-11-26T18:31:03Z",
  "published": "2025-10-06T21:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59452"
    },
    {
      "type": "WEB",
      "url": "https://bishopfox.com/blog/advisories"
    },
    {
      "type": "WEB",
      "url": "https://bishopfox.com/blog/how-a-20-smart-device-gave-me-access-to-your-home"
    },
    {
      "type": "WEB",
      "url": "https://shop.yosmart.com/pages/product-support"
    },
    {
      "type": "WEB",
      "url": "https://shop.yosmart.com/pages/sa-2025-001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PP74-39W2-V4W9

Vulnerability from github – Published: 2021-08-25 21:01 – Updated: 2023-04-03 19:13
VLAI
Summary
Permissions bypass in pleaser
Details

pleaseedit in pleaser before 0.4.0 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "pleaser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-31154"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-340",
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-06-01T19:34:12Z",
    "nvd_published_at": "2021-05-27T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "pleaseedit in pleaser before 0.4.0 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack.",
  "id": "GHSA-pp74-39w2-v4w9",
  "modified": "2023-04-03T19:13:35Z",
  "published": "2021-08-25T21:01:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31154"
    },
    {
      "type": "WEB",
      "url": "https://crates.io/crates/pleaser"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/edneville/please"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/edneville/please/-/tree/master/src/bin"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2021-0102.html"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2021/05/18/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Permissions bypass in pleaser"
}

GHSA-RVMQ-WMG8-HQQ7

Vulnerability from github – Published: 2024-04-15 12:30 – Updated: 2024-08-29 21:31
VLAI
Details

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28957"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-340"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-15T11:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device.",
  "id": "GHSA-rvmq-wmg8-hqq7",
  "modified": "2024-08-29T21:31:02Z",
  "published": "2024-04-15T12:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28957"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU94016877"
    },
    {
      "type": "WEB",
      "url": "https://www.cente.jp/obstacle/4956"
    },
    {
      "type": "WEB",
      "url": "https://www.cente.jp/obstacle/4963"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VM86-VFWQ-9QVC

Vulnerability from github – Published: 2025-11-20 18:31 – Updated: 2025-11-24 15:30
VLAI
Details

SOPlanning is vulnerable to Predictable Generation of Password Recovery Token. Due to weak mechanism of generating recovery tokens, a malicious attacker is able to brute-force all possible values and takeover any account in reasonable amount of time.

This issue was fixed in version 1.55.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-62294"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-340"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-20T16:15:59Z",
    "severity": "HIGH"
  },
  "details": "SOPlanning is vulnerable to Predictable Generation of Password Recovery Token. Due to weak mechanism of generating recovery tokens, a malicious attacker is able to brute-force all possible values and takeover any account in reasonable amount of time.\n\nThis issue was fixed in version 1.55.",
  "id": "GHSA-vm86-vfwq-9qvc",
  "modified": "2025-11-24T15:30:28Z",
  "published": "2025-11-20T18:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62294"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2025/11/CVE-2025-62293"
    },
    {
      "type": "WEB",
      "url": "https://www.soplanning.org/en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-VW9R-C6XC-FPXH

Vulnerability from github – Published: 2025-10-15 15:30 – Updated: 2026-02-03 03:30
VLAI
Details

On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-58424"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-340"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-15T14:15:52Z",
    "severity": "MODERATE"
  },
  "details": "On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
  "id": "GHSA-vw9r-c6xc-fpxh",
  "modified": "2026-02-03T03:30:26Z",
  "published": "2025-10-15T15:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58424"
    },
    {
      "type": "WEB",
      "url": "https://my.f5.com/manage/s/article/K000151297"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-WH2J-26J7-9728

Vulnerability from github – Published: 2026-02-20 21:31 – Updated: 2026-02-20 22:41
VLAI
Summary
Google Cloud Vertex AI has a a vulnerability involving predictable bucket naming
Details

Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to (but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via pre-creating predictably named Cloud Storage buckets (Bucket Squatting).

This vulnerability was patched and no customer action is needed.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "google-cloud-aiplatform"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.21.0"
            },
            {
              "fixed": "1.133.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-2473"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-340"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-20T22:41:41Z",
    "nvd_published_at": "2026-02-20T20:25:24Z",
    "severity": "HIGH"
  },
  "details": "Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to\u00a0(but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via pre-creating predictably named Cloud Storage buckets (Bucket Squatting).\n\nThis vulnerability was patched and no customer action is needed.",
  "id": "GHSA-wh2j-26j7-9728",
  "modified": "2026-02-20T22:41:41Z",
  "published": "2026-02-20T21:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2473"
    },
    {
      "type": "WEB",
      "url": "https://docs.cloud.google.com/support/bulletins#gcp-2026-012"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/googleapis/python-aiplatform"
    },
    {
      "type": "WEB",
      "url": "https://github.com/googleapis/python-aiplatform/releases/tag/v1.133.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Clear",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Google Cloud Vertex AI has a a vulnerability involving predictable bucket naming"
}

GHSA-X87P-MC42-F63G

Vulnerability from github – Published: 2026-06-12 21:31 – Updated: 2026-06-12 21:31
VLAI
Details

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-42932"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-340"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-12T19:16:27Z",
    "severity": "MODERATE"
  },
  "details": "Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated.",
  "id": "GHSA-x87p-mc42-f63g",
  "modified": "2026-06-12T21:31:44Z",
  "published": "2026-06-12T21:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42932"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-162-02.json"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-XFHR-Q72Q-JCRJ

Vulnerability from github – Published: 2026-03-17 20:34 – Updated: 2026-03-17 20:34
VLAI
Summary
Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit
Details

Summary

An issue has been identified in the Bedrock AgentCore Starter Toolkit versions prior to v0.1.13 that may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime.

Impact

A remote actor could inject code during the build process, leading to code execution in the AgentCore Runtime and a complete loss of confidentiality, integrity, and availability of the affected AgentCore resource.

Impacted versions: All versions of Bedrock AgentCore Starter Toolkit versions before v0.1.13. This issue only affects users of the Bedrock AgentCore Starter Toolkit before version v0.1.13 who build the Toolkit after September 24, 2025. Any users on a version >=v0.1.13, and any users on previous versions who built the toolkit before September 24, 2025 date are not affected.

Patches

This issue has been addressed in version v0.1.13. AWS recommends upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes.

Workarounds

N/A

References

If you have any questions or comments about this advisory, contact [AWS/Amazon] Security via our vulnerability reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "bedrock-agentcore-starter-toolkit"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.1.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-4269"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-283",
      "CWE-340"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-17T20:34:21Z",
    "nvd_published_at": "2026-03-16T18:16:11Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\nAn issue has been identified in the Bedrock AgentCore Starter Toolkit versions prior to v0.1.13 that may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime.\n\n\n## Impact\nA remote actor could inject code during the build process, leading to code execution in the AgentCore Runtime and a complete loss of confidentiality, integrity, and availability of the affected AgentCore resource.\n\nImpacted versions:  All versions of Bedrock AgentCore Starter Toolkit versions before v0.1.13. This issue only affects users of the Bedrock AgentCore Starter Toolkit before version v0.1.13 who build the Toolkit after September 24, 2025. Any users on a version \u003e=v0.1.13, and any users on previous versions who built the toolkit before September 24, 2025 date are not affected. \n\n## Patches\nThis issue has been addressed in version v0.1.13. AWS recommends upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes. \n\n## Workarounds\nN/A\n\n## References\nIf you have any questions or comments about this advisory, contact [AWS/Amazon] Security via our [vulnerability reporting page](https://aws.amazon.com/security/vulnerability-reporting) or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do not create a public GitHub issue.",
  "id": "GHSA-xfhr-q72q-jcrj",
  "modified": "2026-03-17T20:34:21Z",
  "published": "2026-03-17T20:34:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/aws/bedrock-agentcore-starter-toolkit/security/advisories/GHSA-xfhr-q72q-jcrj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4269"
    },
    {
      "type": "WEB",
      "url": "https://aws.amazon.com/security/security-bulletins/2026-008-AWS"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/aws/bedrock-agentcore-starter-toolkit"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/bedrock-agentcore-starter-toolkit/releases/tag/v0.1.13"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit"
}

GHSA-XMV7-R254-6Q78

Vulnerability from github – Published: 2026-06-08 23:02 – Updated: 2026-06-12 19:29
VLAI
Summary
Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port
Details

Summary

Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning (Kaminsky attack).

Details

Two factors contribute to this vulnerability in io.netty.resolver.dns: - Predictable Query IDs: DnsQueryIdSpace manages 16-bit transaction IDs in buckets of 16,384 IDs. It initializes only the first bucket. When an ID is returned, it is pushed back into the bucket at a random index generated by java.util.concurrent.ThreadLocalRandom:

Random random = ThreadLocalRandom.current();
int insertionPosition = random.nextInt(count + 1);

Because ThreadLocalRandom is a predictable LCG and the resolver operates within a single bucket, the sequence of IDs is predictable once the PRNG state is mathematically recovered.

  • Default Static Source Port: DnsNameResolverBuilder defaults to a channelStrategy of ChannelPerResolver. This binds the DatagramChannel once, resulting in a static source port for all subsequent queries.

Combined, a static source port and predictable transaction IDs reduces the entropy required to secure DNS resolution against spoofing.

Impact

DNS Cache Poisoning. Downstream applications using the default Netty DNS resolver may connect to malicious IPs, leading to traffic interception or MitM attacks.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.2.14.Final"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "io.netty:netty-resolver-dns"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0.Final"
            },
            {
              "fixed": "4.2.15.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.134.Final"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "io.netty:netty-resolver-dns"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.135.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-45673"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330",
      "CWE-340"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-08T23:02:05Z",
    "nvd_published_at": "2026-06-12T15:16:27Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nNetty\u0027s DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning (Kaminsky attack).\n\n### Details\nTwo factors contribute to this vulnerability in io.netty.resolver.dns:\n- Predictable Query IDs: `DnsQueryIdSpace` manages 16-bit transaction IDs in buckets of 16,384 IDs. It initializes only the first bucket. When an ID is returned, it is pushed back into the bucket at a random index generated by java.util.concurrent.ThreadLocalRandom:\n\n```java\nRandom random = ThreadLocalRandom.current();\nint insertionPosition = random.nextInt(count + 1);\n```\n\nBecause ThreadLocalRandom is a predictable LCG and the resolver operates within a single bucket, the sequence of IDs is predictable once the PRNG state is mathematically recovered.\n\n- Default Static Source Port: `DnsNameResolverBuilder` defaults to a `channelStrategy` of `ChannelPerResolver`. This binds the DatagramChannel once, resulting in a static source port for all subsequent queries.\n\nCombined, a static source port and predictable transaction IDs reduces the entropy required to secure DNS resolution against spoofing.\n\n### Impact\nDNS Cache Poisoning. Downstream applications using the default Netty DNS resolver may connect to malicious IPs, leading to traffic interception or MitM attacks.",
  "id": "GHSA-xmv7-r254-6q78",
  "modified": "2026-06-12T19:29:30Z",
  "published": "2026-06-08T23:02:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45673"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/netty/netty"
    },
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
    },
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.