Lucene search
+L

4 matches found

Circl
Circl
added 2025/03/20 1:3 p.m.9 views

CVE-2025-1796

creationtimestamp| type| source ---|---|--- 2025-03-20 13:03:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lksr452mrb2w 2025-03-20 13:12:59+00:00| seen| https://t.me/cvedetector/20707 2025-03-20 19:18:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8...

8.8CVSS7.3AI score0.00542EPSS
Exploits1References3
NVD
NVD
added 2025/03/20 10:15 a.m.25 views

CVE-2025-1796

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator PRNG used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable...

8.8CVSS0.00542EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:8 a.m.7 views

CVE-2025-1796 Admin account takeover through weak Pseudo-Random number generator used in generating password reset codes in langgenius/dify

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator PRNG used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable...

7.5CVSS7.6AI score0.00542EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:8 a.m.21 views

CVE-2025-1796 Admin account takeover through weak Pseudo-Random number generator used in generating password reset codes in langgenius/dify

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator PRNG used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable...

7.5CVSS0.00542EPSS
Exploits1References1
Rows per page
Query Builder