20 matches found

ATTACKERKB
added 2026/04/10 6:59 p.m. · 2 views

CVE-2026-33710

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5(time() + userid * 5 - rand(10000, 10000)). The rand(10000, 10000) call always returns exactly 10000 (min == max), making the formula effectively md5(timestamp + userid * 5 - 10000). An attacker who...

7.5 CVSS · 5.8 AI score · 0.00044 EPSS
Exploits 0 · References 4 · Affected Software 1
SUSE CVE
added 2026/03/25 12:28 a.m. · 1 view

SUSE CVE-2026-23999

Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if...

5.5 CVSS · 6 AI score · 0.00023 EPSS
Exploits 0 · References 3
RedhatCVE
added 2026/02/27 4:13 a.m. · 4 views

CVE-2026-23999

Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if...

5.5 CVSS · 5.5 AI score · 0.00023 EPSS
Exploits 0 · References 1
EUVD
added 2026/02/26 7:35 p.m. · 4 views

EUVD-2026-8826

Fleet: Device lock PIN can be predicted if lock time is known...

4.1 CVSS · 5.2 AI score · 0.00023 EPSS
Exploits 0 · References 3
Cvelist
added 2026/02/26 2:45 a.m. · 19 views

CVE-2026-23999 Fleet: Device lock PIN can be predicted if lock time is known

Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if...

4.1 CVSS · 0.00023 EPSS
Exploits 0 · References 1
CVE
added 2026/02/26 2:45 a.m. · 332 views

CVE-2026-23999

CVE-2026-23999 affects Fleet open source device management before version 4.80.1. The vulnerability stems from a predictable 6-digit PIN (device lock/wipe) derived from the current Unix timestamp without secret entropy, allowing an attacker with physical access and knowledge of approximate lock t...

5.5 CVSS · 5.6 AI score · 0.00023 EPSS
Exploits 0 · References 1 · Affected Software 1
ATTACKERKB
added 2026/02/26 2:45 a.m. · 1 view

CVE-2026-23999

Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if...

5.5 CVSS · 5.6 AI score · 0.00023 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2026/02/26 2:45 a.m. · 3 views

CVE-2026-23999 Fleet: Device lock PIN can be predicted if lock time is known

Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if...

4.1 CVSS · 6 AI score · 0.00023 EPSS
Exploits 0 · References 3
Vulnrichment
added 2025/11/18 12:00 a.m. · 1 view

CVE-2025-55796

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

6.7 AI score · 0.01053 EPSS
Exploits 1 · References 3
Positive Technologies
added 2025/11/18 12:00 a.m. · 2 views

PT-2025-47340

Name of the Vulnerable Software and Affected Versions: openml/openml.org web application version v2.0.20241110. Description: The web application generates predictable tokens based on MD5 hashing for critical user actions, including signup confirmation, password resets, email confirmation resends, an...

7.5 CVSS · 6.6 AI score · 0.01053 EPSS
Exploits 1 · References 6
CVE
added 2025/11/18 12:00 a.m. · 13 views

CVE-2025-55796

OpenML Frontend (openml.org) web app version v2.0.20241110 is affected by a token-generation flaw. Tokens used for signup confirmation, password resets, email confirmations/resends, and email changes are MD5-based and generated from the current timestamp (format "%d %H:%M:%S") without user-specif...

7.5 CVSS · 6.7 AI score · 0.01053 EPSS
Exploits 1 · References 3 · Affected Software 1
EUVD
added 2025/11/18 12:00 a.m. · 0 views

EUVD-2025-198034

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

7.5 CVSS · 6.6 AI score · 0.01053 EPSS
Exploits 1 · References 3
NVD
added 2025/10/22 4:16 a.m. · 3 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1 CVSS · 0.00015 EPSS
Exploits 0 · References 2
Cvelist
added 2025/10/22 12:00 a.m. · 8 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1 CVSS · 0.00015 EPSS
Exploits 0 · References 2
CNNVD
added 2025/10/22 12:00 a.m. · 1 view

Mercku M6a security feature issue vulnerability

Mercku M6a is a WiFi router from Mercku USA. A security feature issue vulnerability exists in Mercku M6a version 2.1.0 and earlier; it stems from the authentication system's use of predictable session tokens based on timestamps, which could lead to authentication bypass...

3.1 CVSS · 6.8 AI score · 0.00015 EPSS
Exploits 0 · References 3
EUVD
added 2025/10/22 12:00 a.m. · 2 views

EUVD-2025-35313

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1 CVSS · 6.6 AI score · 0.00015 EPSS
Exploits 0 · References 3
Vulnrichment
added 2025/10/22 12:00 a.m. · 2 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1 CVSS · 6.8 AI score · 0.00015 EPSS
Exploits 0 · References 2
Github Security Blog
added 2023/06/12 6:37 p.m. · 17 views

@keystone-6/core's bundled cuid package known to be insecure

Summary: The cuid package used by @keystone-6/* and upstream dependencies is deprecated and marked as insecure by the author. As reported by the author: Cuid (and other k-sortable and non-cryptographic ids: Ulid, ObjectId, KSUID, all UUIDs) are all insecure. Use @paralleldrive/cuid2 instead. What are...

6.7 AI score
Exploits 0 · References 4 · Affected Software 1
CNVD
added 2016/11/29 12:00 a.m. · 1 view

Design flaws at fast breakfast app login

Fast Breakfast APP is a mobile service software. There is a design vulnerability in the login of Fast Breakfast App, which uses a timestamp to verify whether a user is logged in, and takes the MD5 value of the first 10 digits of the timestamp to mark whether the user is logged in or not; and ther...

6.7 AI score
Exploits 0
seebug.org
added 2014/01/22 12:00 a.m. · 45 views

Kingdee Yunzhijia blog arbitrary user password reset

Brief description: Detailed description: Address: http://kdweibo.com/home Click in order: Login -- Forgot login password. Then log in to the mailbox and check whether the reset link has a flaw. In the image above you can see that the request link carries the parameters u and t: after several attempts it can be observed that u is fixed and unchanging, probably a string related to userName, while t increases in a regular pattern. Next, try the password reset operation; it turns out the u parameter is unused, and the POST request sends only a t parameter and the new password from the form, as shown in the image below: OK, now we start studying this t parameter. On the first page of the password recovery flow, submit my email address several times in a row to obtain 5 password reset links, listed below for observation: it can be seen that the t parameter is only 5 to 8 characters long...

7.1 AI score
Exploits 0