CWE-340

CWE-340

No catalog description on file. The MITRE CWE site has the canonical reference.

CVEs (total)

4

Critical

1

High

0

Medium

1

Low

1

Severity distribution

Recent CVEs

showing 4 of 4

CVE-2026-45673—EPSS 0%17 h ago
Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port
maven
CVE-2026-42932Medium· 5.318 h ago
Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier
CVE-2026-5081Critical· 9.1EPSS 0%7 d ago
Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_ID environment variable for the session i
CVE-2025-10148LowEPSS 0%2026-04-25
curl/libcurl: predictable WebSocket mask
curl

CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.