{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25726", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-05T16:48:00.426Z", "datePublished": "2026-04-03T20:06:21.629Z", "dateUpdated": "2026-04-04T03:21:18.970Z"}, "containers": {"cna": {"title": "Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)", "problemTypes": [{"descriptions": [{"cweId": "CWE-338", "lang": "en", "description": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/cloudreve/cloudreve/security/advisories/GHSA-f8xp-wvcx-p6f4", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/cloudreve/cloudreve/security/advisories/GHSA-f8xp-wvcx-p6f4"}, {"name": "https://github.com/cloudreve/cloudreve/releases/tag/4.13.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/cloudreve/cloudreve/releases/tag/4.13.0"}], "affected": [{"vendor": "cloudreve", "product": "cloudreve", "versions": [{"version": "< 4.13.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-03T20:06:21.629Z"}, "descriptions": [{"lang": "en", "value": "Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now().UnixNano() to generate critical security secrets, including the secret_key, and hash_id_salt. These secrets are generated upon first startup and persisted in the database. An attacker can exploit this by obtaining the administrator's account creation time (via public API endpoints) to narrow the search window for the PRNG seed, and use known hashid to validate the seed. By brute-forcing the seed (demonstrated to take <3 hours on general consumer PC), an attacker can predict the secret_key. This allows them to forge valid JSON Web Tokens (JWTs) for any user, including administrators, leading to full account takeover and privilege escalation. This issue has been patched in version 4.13.0."}], "source": {"advisory": "GHSA-f8xp-wvcx-p6f4", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-04T03:21:10.510009Z", "id": "CVE-2026-25726", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-04T03:21:18.970Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25726", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-04T03:21:10.510009Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-04T03:21:15.441Z"}}], "cna": {"title": "Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)", "source": {"advisory": "GHSA-f8xp-wvcx-p6f4", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "cloudreve", "product": "cloudreve", "versions": [{"status": "affected", "version": "< 4.13.0"}]}], "references": [{"url": "https://github.com/cloudreve/cloudreve/security/advisories/GHSA-f8xp-wvcx-p6f4", "name": "https://github.com/cloudreve/cloudreve/security/advisories/GHSA-f8xp-wvcx-p6f4", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/cloudreve/cloudreve/releases/tag/4.13.0", "name": "https://github.com/cloudreve/cloudreve/releases/tag/4.13.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now().UnixNano() to generate critical security secrets, including the secret_key, and hash_id_salt. These secrets are generated upon first startup and persisted in the database. An attacker can exploit this by obtaining the administrator's account creation time (via public API endpoints) to narrow the search window for the PRNG seed, and use known hashid to validate the seed. By brute-forcing the seed (demonstrated to take <3 hours on general consumer PC), an attacker can predict the secret_key. This allows them to forge valid JSON Web Tokens (JWTs) for any user, including administrators, leading to full account takeover and privilege escalation. This issue has been patched in version 4.13.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-338", "description": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-03T20:06:21.629Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25726", "state": "PUBLISHED", "dateUpdated": "2026-04-04T03:21:18.970Z", "dateReserved": "2026-02-05T16:48:00.426Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-03T20:06:21.629Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cloudreve:cloudreve:*:*:*:*:*:*:*:*", "matchCriteriaId": "0607E1D4-BDC8-40FC-9495-F19E4AE2F6BE", "versionEndExcluding": "4.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now().UnixNano() to generate critical security secrets, including the secret_key, and hash_id_salt. These secrets are generated upon first startup and persisted in the database. An attacker can exploit this by obtaining the administrator's account creation time (via public API endpoints) to narrow the search window for the PRNG seed, and use known hashid to validate the seed. By brute-forcing the seed (demonstrated to take <3 hours on general consumer PC), an attacker can predict the secret_key. This allows them to forge valid JSON Web Tokens (JWTs) for any user, including administrators, leading to full account takeover and privilege escalation. This issue has been patched in version 4.13.0."}], "id": "CVE-2026-25726", "lastModified": "2026-04-13T18:31:43.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-03T20:16:02.263", "references": [{"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/cloudreve/cloudreve/releases/tag/4.13.0"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/cloudreve/cloudreve/security/advisories/GHSA-f8xp-wvcx-p6f4"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-338"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.13.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "cloudreve", "source": "cna", "vendor": "cloudreve"}, "product": "cloudreve", "vendor": "cloudreve"}], "analysis": {"en": {"generated_at": "2026-04-13T19:27:28.588506+00:00", "value": {"mitigation_remediation": ["Upgrade Cloudreve to version 4.13.0 or later to eliminate the weak PRNG usage and enforce random secret generation."], "summary": {"action": "Apply Patch", "impact": "Full Account Takeover via forged JWTs"}, "threat_synthesis": {"affected_systems": "Any installation of Cloudreve prior to version 4.13.0 is affected. The vulnerability exists in the default self\u2011hosted distribution and applies to all products listed under the Cloudreve vendor/product name.", "description_and_impact": "Cloudreve, a self\u2011hosted file\u2011management platform, uses the standard math/rand pseudo\u2011random number generator seeded with the system time to create critical security secrets such as the secret_key and hash_id_salt. Because the seed is predictable, an attacker who can determine the administrator\u2019s account creation time\u2014exposed through public API endpoints\u2014can narrow the search for the PRNG seed. By brute\u2011forcing this seed, the attacker can recover the secret_key, enabling the creation of valid JSON Web Tokens (JWTs) for any user, including administrators. This results in complete account takeover and privilege escalation.", "risk_and_exploitability": "The CVSS score of 8.1 indicates high severity, and the EPSS score of less than 1% does not negate the practical exploitability demonstrated to require under three hours on a general consumer PC. The vulnerability is not listed in KEV, but the attack vector is remote via exposed APIs, requiring no local access. Given the severity, the likelihood of exploitation is significant for active users running vulnerable versions."}}}}, "created": "2026-04-06T21:23:00.314262+00:00", "updated": "2026-04-14T16:41:48.587814+00:00", "vendors": ["cloudreve", "cloudreve$PRODUCT$cloudreve"]}