MeldSecurity
Press Enter to search
CVE Database & Search β†’
Sign In Get Started

CVE-2025-66565

🚨 CRITICAL

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator (crypto/rand) fails, both functions silentl...

Published
Dec 09, 2025
Last Modified
Dec 11, 2025
Views
12
Bookmarks
0

Description

Request Expert Review

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator (crypto/rand) fails, both functions silently fall back to returning predictable UUID values, including the zero UUID "00000000-0000-0000-0000-000000000000". The vulnerability occurs through two related but distinct failure paths, both ultimately caused by crypto/rand.Read() failures, compromising the security of all Fiber applications using these functions for security-critical operations. This issue is fixed in version 2.0.0-rc.4.

Affected Products (19)

gofiber - utils

Version: *

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

gofiber - utils

Version: 2.0.0

CVSS Scores

CVSS 3.1 9.8
9.8
CRITICAL
CVSS 2.0 9.8

References

github.com github.com github.com

Additional Information

Source
security-advisories@github.com
State
Analyzed

Related CVEs

CVE-2026-1139

HIGH

A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/ConfigExceptMSN. The...

Score: 8.8

CVE-2026-1138

HIGH

A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. Executing a manipulation can...

Score: 8.8

CVE-2026-1137

HIGH

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formWebAuthGlobalConfig....

Score: 8.8

CVE-2026-1136

LOW

A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bCont...

Score: 3.5

CVE-2026-1135

MEDIUM

A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. T...

Score: 4.3

CVE-2026-1134

MEDIUM

A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown function of the file /admin/expenses.php. The ma...

Score: 4.3

Share CVE-2025-66565

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2025-66565 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis