CWE-1241— Use of Predictable Algorithm in Random Number Generator
The device uses an algorithm that is predictable and generates a pseudo-random number.— MITRE CWE catalog
8 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1241page 1 of 1
- CVE-2021-3689HIGHCVSS 7.5EG 7.52021-08-10
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
- CVE-2021-3692MEDIUMCVSS 5.3EG 5.32021-08-10
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
- CVE-2023-4695HIGHCVSS 8.1EG 9.62023-09-01
Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
- CVE-2025-13079MEDIUMCVSS 5.3EG 5.32026-02-19
The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsu…
- CVE-2025-32056MEDIUMCVSS 4.0EG 4.02026-01-22
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values…
- CVE-2026-26018HIGHCVSS 7.5EG 7.52026-03-06
CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The…
- CVE-2026-57869HIGHCVSS 7.1EG 7.12026-07-07
Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization. This issue affects Micr…
- CVE-2026-6420MEDIUMCVSS 6.3EG 6.32026-05-06
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platfo…
Map vulnerabilities like CWE-1241 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1241 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →