4 matches found
CVE-2026-2815 Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys
Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys...
EUVD-2026-39394
Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys...
CVE-2026-2815
The CVE affects Silicon Labs’ EFR32xG27 devices. Issue: Incorrect use of the PUF key for user key generation leads to predictable keys. This is tied to a CVSS 4.0 base score of 8.4 (HIGH) with adjacent access, low attack complexity, no authentication, and user interaction not required. The vulner...
CVE-2025-3853 WPshop 2 – E-Commerce 2.0.0 - 2.6.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Key Generation
The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callbackgenerateapikey due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above...