CWE-330
Use of Insufficiently Random Values
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
CVE-2026-50208 (GCVE-0-2026-50208)
Vulnerability from cvelistv5 – Published: 2026-06-04 07:09 – Updated: 2026-06-04 12:41- CWE-330 - Use of Insufficiently Random Values
| Vendor | Product | Version | |
|---|---|---|---|
| Acer | Connect M6E 5G Portable WiFi Router |
Affected:
* , ≤ M6E_AI_1.00.000019
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:41:51.553438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:41:58.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Connect M6E 5G Portable WiFi Router",
"vendor": "Acer",
"versions": [
{
"lessThanOrEqual": "M6E_AI_1.00.000019",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ta-Lun Yen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "High-risk\u0026nbsp;\u003ccode\u003eTrustAllCerts\u003c/code\u003e\u0026nbsp;routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic."
}
],
"value": "High-risk\u00a0TrustAllCerts\u00a0routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic."
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94: Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330: Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T07:09:45.754Z",
"orgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"shortName": "Acer"
},
"references": [
{
"url": "https://community.acer.com/en/kb/articles/19707"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Permissive TrustAllCerts TLS Verification",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "8fc372e3-d9c5-46e4-9410-38469745c639",
"assignerShortName": "Acer",
"cveId": "CVE-2026-50208",
"datePublished": "2026-06-04T07:09:45.754Z",
"dateReserved": "2026-06-04T01:29:10.111Z",
"dateUpdated": "2026-06-04T12:41:58.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57082 (GCVE-0-2026-57082)
Vulnerability from cvelistv5 – Published: 2026-06-30 11:05 – Updated: 2026-06-30 14:20| URL | Tags |
|---|---|
| https://github.com/sanko/Net-BitTorrent.pm/securi… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| SANKO | Net::BitTorrent |
Affected:
0 , ≤ 2.0.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-57082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T14:19:46.278267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T14:20:32.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Net-BitTorrent",
"product": "Net::BitTorrent",
"programFiles": [
"lib/Net/BitTorrent/Protocol/MSE/KeyExchange.pm",
"lib/Net/BitTorrent/Protocol/MSE.pm",
"lib/Net/BitTorrent/Peer.pm"
],
"programRoutines": [
{
"name": "Net::BitTorrent::Protocol::MSE::_random_pad"
}
],
"repo": "https://github.com/sanko/Net-BitTorrent.pm",
"vendor": "SANKO",
"versions": [
{
"lessThanOrEqual": "2.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG.\n\nThe MSE (Message Stream Encryption) handshake derives its 160-bit Diffie-Hellman private key from Perl\u0027s rand(), a non-cryptographic drand48-class generator seeded once per process, in KeyExchange.pm. The shared secret and the RC4 keys derived from it (the SHA-1 of \"keyA\" or \"keyB\", the shared secret, and the infohash) therefore depend entirely on a predictable PRNG. The same handshake sends, in cleartext, random padding drawn from the same rand() sequence in _random_pad, immediately after the public key and the private-key draw.\n\nA passive observer of the handshake recovers the PRNG state from the cleartext padding, reconstructs the private key, computes the shared secret from the peer\u0027s public key on the wire, derives the RC4 keys, and decrypts the connection, defeating the passive-observation obfuscation MSE provides."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330 Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T11:05:33.709Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/sanko/Net-BitTorrent.pm/security/advisories/GHSA-g444-x2c5-94hc"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG",
"workarounds": [
{
"lang": "en",
"value": "There is no fixed release. Draw the Diffie-Hellman private key and the handshake padding from a cryptographic source such as Crypt::URandom rather than rand()."
}
],
"x_generator": {
"engine": "cpansec-cna-tool 0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2026-57082",
"datePublished": "2026-06-30T11:05:33.709Z",
"dateReserved": "2026-06-23T18:20:33.514Z",
"dateUpdated": "2026-06-30T14:20:32.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7847 (GCVE-0-2026-7847)
Vulnerability from cvelistv5 – Published: 2026-05-05 16:30 – Updated: 2026-05-06 15:25| URL | Tags |
|---|---|
| https://vuldb.com/vuln/361126 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/361126/cti | signaturepermissions-required |
| https://vuldb.com/submit/807796 | third-party-advisory |
| https://github.com/chatchat-space/Langchain-Chatc… | issue-tracking |
| https://github.com/3em0/cve_repo/blob/main/Langch… | exploit |
| https://github.com/chatchat-space/Langchain-Chatchat/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| chatchat-space | Langchain-Chatchat |
Affected:
0.3.1.0
Affected: 0.3.1.1 Affected: 0.3.1.2 Affected: 0.3.1.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7847",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-05T18:41:10.851490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T15:25:12.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Uploaded File Handler"
],
"product": "Langchain-Chatchat",
"vendor": "chatchat-space",
"versions": [
{
"status": "affected",
"version": "0.3.1.0"
},
{
"status": "affected",
"version": "0.3.1.1"
},
{
"status": "affected",
"version": "0.3.1.2"
},
{
"status": "affected",
"version": "0.3.1.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem00 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently random values. Access to the local network is required for this attack. The attack\u0027s complexity is rated as high. The exploitability is described as difficult. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.4,
"vectorString": "AV:A/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T16:30:13.695Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-361126 | chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/361126"
},
{
"name": "VDB-361126 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/361126/cti"
},
{
"name": "Submit #807796 | chatchat-space Langchain-Chatchat 0.3.1.3 Use of Insufficiently Random Values / CWE-330",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/807796"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/chatchat-space/Langchain-Chatchat/issues/5464"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/3em0/cve_repo/blob/main/Langchain-Chatchat/Vuln-3-Predictable-File-ID.md"
},
{
"tags": [
"product"
],
"url": "https://github.com/chatchat-space/Langchain-Chatchat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-05T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-05T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-05T12:26:20.000Z",
"value": "VulDB entry last update"
}
],
"title": "chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7847",
"datePublished": "2026-05-05T16:30:13.695Z",
"dateReserved": "2026-05-05T10:21:00.280Z",
"dateUpdated": "2026-05-06T15:25:12.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
- In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
- Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Phase: Implementation
Description:
- Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
Mitigation ID: MIT-2
Phases: Architecture and Design, Requirements
Strategy: Libraries or Frameworks
Description:
- Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-485: Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.