51 matches found

AlpineLinux
added 2026/05/21 7:34 a.m. | 14 views

CVE-2026-44054

Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...

CVSS 6.5 | AI score 5.8 | EPSS 0.00117
Exploits 0

Vulnrichment
added 2026/05/07 1:35 p.m. | 7 views

CVE-2026-41505 RELATE: Predictable Token Generation in auth.py and exam.py

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

CVSS 8.7 | AI score 5.7 | EPSS 0.00057
Exploits 0 | References 2

ATTACKERKB
added 2026/05/07 1:35 p.m. | 4 views

CVE-2026-41505

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

CVSS 8.7 | AI score 5.7 | EPSS 0.00057
Exploits 0 | References 3

EUVD
added 2026/05/07 1:35 p.m. | 5 views

EUVD-2026-28379

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

CVSS 8.7 | AI score 5.7 | EPSS 0.00057
Exploits 0 | References 2

CNNVD
added 2026/05/07 12:0 a.m. | 5 views

RELATE security feature vulnerability

RELATE is a web-based course package developed by Andreas Klöckner as an individual project. Previous versions of RELATE, such as 2f68e16, had security-related vulnerabilities. These vulnerabilities stemmed from the makesigninkey function in auth.py and the genticketcode function in exam.py, whic...

CVSS 8.7 | AI score 5.8 | EPSS 0.00057
Exploits 0 | References 1

CVE
added 2026/04/21 1:38 a.m. | 13 views

CVE-2026-40496

CVE-2026-40496 affects FreeScout prior to version 1.8.213, where attachment download tokens were created with a weak formula: md5(APP_KEY + attachment_id + size). Because attachment_id is sequential and size brute-forcible, an unauthenticated attacker can forge valid tokens and download private a...

CVSS 9.3 | AI score 5.7 | EPSS 0.0006
Exploits 1 | References 3 | Affected Software 1

CVE
added 2026/03/05 1:41 a.m. | 16 views

CVE-2025-40931

Apache::Session::Generate::MD5 (versions through 1.94 for Perl) creates insecure session IDs. The default generator returns an MD5 hash seeded with the built-in rand(), the epoch time, and the PID; the PID comes from a small set, and the epoch time may be guessed if not leaked. Built-in rand() is ...

CVSS 9.1 | AI score 5.8 | EPSS 0.00029
Exploits 0 | References 10 | Affected Software 1

Debian CVE
added 2026/03/05 1:41 a.m. | 3 views

CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session IDs. Apache::Session::Generate::MD5 generates session IDs insecurely. The default session ID generator returns an MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

CVSS 9.1 | AI score 5.3 | EPSS 0.00029
Exploits 0

NVD
added 2026/02/19 7:17 a.m. | 4 views

CVE-2025-13079

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it...

CVSS 5.3 | EPSS 0.00095
Exploits 0 | References 4

CVE
added 2026/02/19 3:25 a.m. | 15 views

CVE-2025-13079

CVE-2025-13079 concerns the WordPress plugin “Popup Builder” (versions

CVSS 5.3 | AI score 5.7 | EPSS 0.00095
Exploits 0 | References 4

Cvelist
added 2026/02/19 3:25 a.m. | 27 views

CVE-2025-13079 Popup Builder - Create highly converting, mobile friendly marketing popups. <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it...

CVSS 5.3 | EPSS 0.00095
Exploits 0 | References 4

Vulnrichment
added 2026/02/19 3:25 a.m. | 4 views

CVE-2025-13079 Popup Builder - Create highly converting, mobile friendly marketing popups. <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it...

CVSS 5.3 | AI score 5.7 | EPSS 0.00095
Exploits 0 | References 4

Patchstack
added 2026/02/18 10:11 p.m. | 4 views

WordPress Popup Builder plugin <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens vulnerability

Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Popup Builder versions <= 4.4.2...

CVSS 5.3 | AI score 5.5 | EPSS 0.00095
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2026/01/22 2:57 p.m. | 3 views

CVE-2025-64097 NervesHub has Insufficient Token Entropy that Allows Authentication Bypass via Brute Force

NervesHub is a web service that allows users to manage over-the-air (OTA) firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

CVSS 9.5 | AI score 5.6 | EPSS 0.00022
Exploits 0 | References 3

CNNVD
added 2026/01/22 12:0 a.m. | 4 views

NervesHub security feature vulnerability

NervesHub is a software developed under open source by NervesHub for managing firmware updates of Nerves devices. Versions of NervesHub from 1.0.0 to 2.3.0 had security vulnerabilities. These vulnerabilities stemmed from the predictable and non-encrypted token format, which could lead to...

CVSS 9.8 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 3

Positive Technologies
added 2026/01/22 12:0 a.m. | 4 views

PT-2026-3943

NervesHub is a web service that allows users to manage over-the-air (OTA) firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

CVSS 9.5 | AI score 5.6 | EPSS 0.00022
Exploits 0 | References 4

Cvelist
added 2025/12/05 4:42 p.m. | 19 views

CVE-2025-66511 Nextcloud Calendar app used predictable proposal participant tokens

Nextcloud Calendar is a calendar app for Nextcloud. Prior to 6.0.3, the Calendar app generates participant tokens for meeting proposals using a hash function, allowing an attacker to compute valid participant tokens, which allowed them to request details and submit dates in meeting proposals. The...

CVSS 4.8 | EPSS 0.00023
Exploits 0 | References 4

Vulnrichment
added 2025/12/05 4:42 p.m. | 5 views

CVE-2025-66511 Nextcloud Calendar app used predictable proposal participant tokens

Nextcloud Calendar is a calendar app for Nextcloud. Prior to 6.0.3, the Calendar app generates participant tokens for meeting proposals using a hash function, allowing an attacker to compute valid participant tokens, which allowed them to request details and submit dates in meeting proposals. The...

CVSS 4.8 | AI score 6.3 | EPSS 0.00023
Exploits 0 | References 4

Nextcloud
added 2025/12/05 8:8 a.m. | 7 views

Calendar app used predictable proposal participant tokens

None...

CVSS 6.5 | AI score 5.2 | EPSS 0.00023
Exploits 0 | References 2 | Affected Software 1

RedhatCVE
added 2025/11/27 1:4 p.m. | 7 views

CVE-2025-55796

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

CVSS 7.5 | AI score 7.1 | EPSS 0.01053
Exploits 1 | References 1