CVE-2026-47831
Use of a cryptographically weak random number generator in the GenerateRandomPassword function in bosh-windows-stemcell-builder allows a rem
CVSS
7.5
High
EPSS
0.2%
p9
KEV
—
Exploit Today
3
0-100
Published: Jul 9, 2026 · Last modified: Jul 9, 2026
0.2%EPSS · 30 days0.2%
2026-07-092026-07-17
Use of a cryptographically weak random number generator in the GenerateRandomPassword function in bosh-windows-stemcell-builder allows a remote attacker to brute-force the resulting SSH login via TCP/22. Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98.
No related CVEs by CWE or product.