CVE-2026-6659 Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts

Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography...

PT-2026-39185

Name of the Vulnerable Software and Affected Versions Crypt::PasswdMD5 versions prior to 1.43 Description The software generates insecure random values for salts because the built-in rand function is predictable and unsuitable for cryptographic purposes. Recommendations Update to a version later...

CVE-2026-7847

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

Use of Predictable Algorithm in Random Number Generator

Overview keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud Affected versions of this package are vulnerable to Use of Predictable Algorithm in Random Number Generator in the generatechallenge method. An attacker can evade detection and bypass security...

CVE-2026-6420

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

EUVD-2026-27408

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

CVE-2026-7847

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

CVE-2026-7847 chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

CVE-2026-7847

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

CVE-2026-7847

CVE-2026-7847 affects chatchat-space Langchain-Chatchat up to v0.3.1.3. The vulnerability is in the function _get_file_id within libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the Uploaded File Handler. Manipulation leads to insufficiently random values, with local-network ac...

CVE-2026-7847 chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

PT-2026-37091

Name of the Vulnerable Software and Affected Versions Langchain-Chatchat versions prior to 0.3.1.4 Description An issue exists in the Uploaded File Handler component within the get file id function of the file libs/chatchat-server/chatchat/server/api server/openai routes.py. Manipulation of this...

Astra Linux - уязвимость в samba

In Samba, GnuTLS’ gnutlsrnd function may fail, resulting in predictable random values...

Astra Linux - уязвимость в node-form-data

The use of insufficiently random values in form-data allows for HTTP Parameter Pollution HPP. This vulnerability is associated with the program file lib/formdata.Js. This issue affects form-data versions: 2.5.4, 3.0.0 – 3.0.3, 4.0.0 – 4.0.3...

Juniper Junos OS Multiple Vulnerabilities (JSA88112)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA88112 advisory. - c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids...

CVE-2026-40975

Values produced by $random.value are not suitable for use as secrets. $random.uuid is not affected. $random.int and $random.long should never be used for secrets as they are numeric values with a predictable range. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15...

CVE-2026-40514

SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to approximately 19,000...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010967)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010967 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure setent is always present Ensure that setent is always set since only drbg...

CVE-2026-5088

Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...

CVE-2026-5088 Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts

Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...