Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Github Security Blog
Github Security Blogadded 2026/02/09 3:28 p.m.3 views

Fiber has an insecure fallback in utils.UUIDv4() / utils.UUID() — predictable / zero‑UUID on crypto/rand failure

Fiber v2 contains an internal vendored copy of gofiber/utils, and its functions UUIDv4 and UUID inherit the same critical weakness described in the upstream advisory. On Go versions prior to 1.24, the underlying crypto/rand implementation can return an error if secure randomness cannot be obtaine...

9.4CVSS5.8AI score0.0002EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologiesadded 2026/02/09 12:0 a.m.4 views

PT-2026-7122

Name of the Vulnerable Software and Affected Versions Fiber versions prior to 2.52.11 Fiber versions prior to 2.52.11 running on Go versions prior to 1.24 Description The Fiber framework, an Express-inspired web framework written in Go, is susceptible to generating predictable identifiers when...

9.9CVSS5.5AI score0.00733EPSS
Exploits44References121
SUSE CVE
SUSE CVEadded 2026/01/06 12:24 a.m.2 views

SUSE CVE-2025-66565

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

9.8CVSS6.9AI score0.0008EPSS
Exploits0References2
OSV
OSVadded 2025/12/09 1:47 a.m.3 views

CVE-2025-66565 Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

9.3CVSS6.7AI score0.0008EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.1 views

PT-2025-49761

Name of the Vulnerable Software and Affected Versions Fiber Utils versions 2.0.0-rc.3 and below Description Fiber Utils is a collection of functions for Fiber. In versions 2.0.0-rc.3 and below, if the system’s cryptographic random number generator crypto/rand fails, the software silently reverts ...

9.8CVSS6.5AI score0.0008EPSS
Exploits0References8
Github Security Blog
Github Security Blogadded 2025/12/08 5:57 p.m.6 views

Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values

Summary Critical security vulnerabilities exist in both the UUIDv4 and UUID functions of the github.com/gofiber/utils package. When the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, the zero UUID...

9.8CVSS7.4AI score0.0008EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder