4 matches found
CVE-2025-1796
creationtimestamp| type| source ---|---|--- 2025-03-20 13:03:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lksr452mrb2w 2025-03-20 13:12:59+00:00| seen| https://t.me/cvedetector/20707 2025-03-20 19:18:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8...
CVE-2025-1796
A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator PRNG used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable...
CVE-2025-1796 Admin account takeover through weak Pseudo-Random number generator used in generating password reset codes in langgenius/dify
A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator PRNG used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable...
CVE-2025-1796 Admin account takeover through weak Pseudo-Random number generator used in generating password reset codes in langgenius/dify
A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator PRNG used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable...