[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-2858":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":45,"related":46,"reserved_at":9,"published_at":52,"modified_at":53,"state":54,"summary":55,"references_raw":64,"kevs":109,"epss":110,"epss_history":113,"metrics":369,"affected":380},"CVE-2016-2858","QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-331","Insufficient Entropy","The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-59","Session Credential Falsification through Prediction",[],[],[],[],[27,29,31,33,35,37,39,41,43],{"_key":28},"SUSE-SU-2016:1560-1",{"_key":30},"SUSE-SU-2016:1698-1",{"_key":32},"SUSE-SU-2016:1703-1",{"_key":34},"SUSE-SU-2016:1785-1",{"_key":36},"UBUNTU-CVE-2016-2858",{"_key":38},"USN-2974-1",{"_key":40},"DLA-1599-1",{"_key":42},"MGASA-2016-0176",{"_key":44},"DEBIAN-CVE-2016-2858",[],[47,48,49,50,51],{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":42},"2016-04-07T19:00:00.000Z","2024-08-05T23:40:13.545Z","Modified",{"cisa_kev":56,"cisa_ransomware":56,"cisa_vendor":9,"epss_severity":57,"epss_score":58,"severity":59,"severity_score":60,"severity_version":61,"severity_source":62,"severity_vector":63,"severity_status":54},false,"low",0.00124,"medium",6.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",[65,73,80,84,90,96,101,105],{"url":66,"sources":67,"tags":69},"http://www.openwall.com/lists/oss-security/2016/03/07/4",[68,62],"cve.org",[70,71,72],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":74,"sources":75,"tags":76},"https://bugzilla.redhat.com/show_bug.cgi?id=1314676",[68,62],[77,78,79,72],"X Refsource CONFIRM","Issue Tracking","Patch",{"url":81,"sources":82,"tags":83},"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956",[68,62],[77],{"url":85,"sources":86,"tags":87},"https://security.gentoo.org/glsa/201604-01",[68,62],[88,89,72],"Vendor Advisory","X Refsource GENTOO",{"url":91,"sources":92,"tags":93},"http://www.securityfocus.com/bid/84134",[68,62],[94,95,72],"VDB Entry","X Refsource BID",{"url":97,"sources":98,"tags":99},"http://www.ubuntu.com/usn/USN-2974-1",[68,62],[88,100,72],"X Refsource UBUNTU",{"url":102,"sources":103,"tags":104},"http://www.openwall.com/lists/oss-security/2016/03/04/1",[68,62],[70,71,72],{"url":106,"sources":107,"tags":108},"https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html",[68,62],[70,71,72],[],{"date":111,"score":58,"percentile":112},"2026-06-04",0.31159,[114,117,120,123,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,171,174,177,180,182,185,188,191,194,197,200,203,206,208,211,213,216,219,222,225,228,231,234,236,239,242,245,248,251,254,257,260,263,266,268,271,273,275,278,281,284,287,290,293,295,298,301,304,306,308,310,312,315,317,320,322,325,327,330,333,336,339,342,345,348,351,354,357,360,363,366],{"date":115,"score":58,"percentile":116},"2025-11-04",0.32398,{"date":118,"score":58,"percentile":119},"2025-11-05",0.32383,{"date":121,"score":58,"percentile":122},"2025-11-06",0.32387,{"date":124,"score":58,"percentile":125},"2025-11-07",0.32404,{"date":127,"score":58,"percentile":128},"2025-11-08",0.32401,{"date":130,"score":58,"percentile":131},"2025-11-09",0.32378,{"date":133,"score":58,"percentile":134},"2025-11-10",0.32327,{"date":136,"score":58,"percentile":137},"2025-11-11",0.32349,{"date":139,"score":58,"percentile":140},"2025-11-12",0.32396,{"date":142,"score":58,"percentile":143},"2025-11-13",0.32413,{"date":145,"score":58,"percentile":146},"2025-11-14",0.32415,{"date":148,"score":58,"percentile":149},"2025-11-15",0.32414,{"date":151,"score":58,"percentile":152},"2025-11-16",0.32386,{"date":154,"score":58,"percentile":155},"2025-11-17",0.32359,{"date":157,"score":58,"percentile":158},"2025-11-18",0.2674,{"date":160,"score":58,"percentile":161},"2025-11-19",0.26765,{"date":163,"score":58,"percentile":164},"2025-11-20",0.2677,{"date":166,"score":58,"percentile":167},"2025-11-21",0.32393,{"date":169,"score":58,"percentile":170},"2025-11-22",0.32395,{"date":172,"score":58,"percentile":173},"2025-11-23",0.32367,{"date":175,"score":58,"percentile":176},"2025-11-24",0.32341,{"date":178,"score":58,"percentile":179},"2025-11-25",0.32338,{"date":181,"score":58,"percentile":176},"2025-11-26",{"date":183,"score":58,"percentile":184},"2025-11-27",0.32352,{"date":186,"score":58,"percentile":187},"2025-11-28",0.32334,{"date":189,"score":58,"percentile":190},"2025-11-29",0.32316,{"date":192,"score":58,"percentile":193},"2025-11-30",0.32292,{"date":195,"score":58,"percentile":196},"2025-12-01",0.32381,{"date":198,"score":58,"percentile":199},"2025-12-02",0.32409,{"date":201,"score":58,"percentile":202},"2025-12-03",0.32407,{"date":204,"score":58,"percentile":205},"2025-12-04",0.32304,{"date":207,"score":58,"percentile":179},"2025-12-05",{"date":209,"score":58,"percentile":210},"2025-12-06",0.3234,{"date":212,"score":58,"percentile":190},"2025-12-07",{"date":214,"score":58,"percentile":215},"2025-12-08",0.32324,{"date":217,"score":58,"percentile":218},"2025-12-09",0.32375,{"date":220,"score":58,"percentile":221},"2025-12-10",0.32436,{"date":223,"score":58,"percentile":224},"2025-12-11",0.32469,{"date":226,"score":58,"percentile":227},"2025-12-12",0.32502,{"date":229,"score":58,"percentile":230},"2025-12-13",0.32485,{"date":232,"score":58,"percentile":233},"2025-12-14",0.32462,{"date":235,"score":58,"percentile":143},"2025-12-15",{"date":237,"score":58,"percentile":238},"2025-12-16",0.32438,{"date":240,"score":58,"percentile":241},"2025-12-17",0.32492,{"date":243,"score":58,"percentile":244},"2025-12-18",0.32543,{"date":246,"score":58,"percentile":247},"2025-12-19",0.3257,{"date":249,"score":58,"percentile":250},"2025-12-20",0.32549,{"date":252,"score":58,"percentile":253},"2025-12-21",0.32488,{"date":255,"score":58,"percentile":256},"2025-12-22",0.32459,{"date":258,"score":58,"percentile":259},"2025-12-23",0.32451,{"date":261,"score":58,"percentile":262},"2025-12-24",0.32448,{"date":264,"score":58,"percentile":265},"2025-12-25",0.32516,{"date":267,"score":58,"percentile":227},"2025-12-26",{"date":269,"score":58,"percentile":270},"2025-12-27",0.32505,{"date":272,"score":58,"percentile":202},"2025-12-28",{"date":274,"score":58,"percentile":218},"2025-12-29",{"date":276,"score":58,"percentile":277},"2025-12-30",0.32368,{"date":279,"score":58,"percentile":280},"2025-12-31",0.32421,{"date":282,"score":58,"percentile":283},"2026-01-01",0.32569,{"date":285,"score":58,"percentile":286},"2026-01-02",0.32556,{"date":288,"score":58,"percentile":289},"2026-01-03",0.32542,{"date":291,"score":58,"percentile":292},"2026-01-04",0.32402,{"date":294,"score":58,"percentile":122},"2026-01-05",{"date":296,"score":58,"percentile":297},"2026-01-06",0.324,{"date":299,"score":58,"percentile":300},"2026-01-07",0.32424,{"date":302,"score":58,"percentile":303},"2026-01-08",0.32452,{"date":305,"score":58,"percentile":303},"2026-01-09",{"date":307,"score":58,"percentile":303},"2026-01-10",{"date":309,"score":58,"percentile":300},"2026-01-11",{"date":311,"score":58,"percentile":184},"2026-01-12",{"date":313,"score":58,"percentile":314},"2026-01-13",0.32336,{"date":316,"score":58,"percentile":196},"2026-01-14",{"date":318,"score":58,"percentile":319},"2026-01-15",0.32376,{"date":321,"score":58,"percentile":297},"2026-01-16",{"date":323,"score":58,"percentile":324},"2026-01-17",0.3239,{"date":326,"score":58,"percentile":187},"2026-01-18",{"date":328,"score":58,"percentile":329},"2026-01-19",0.32303,{"date":331,"score":58,"percentile":332},"2026-01-20",0.32283,{"date":334,"score":58,"percentile":335},"2026-01-21",0.32237,{"date":337,"score":58,"percentile":338},"2026-01-22",0.32212,{"date":340,"score":58,"percentile":341},"2026-01-23",0.32275,{"date":343,"score":58,"percentile":344},"2026-01-24",0.32286,{"date":346,"score":58,"percentile":347},"2026-01-25",0.32216,{"date":349,"score":58,"percentile":350},"2026-01-26",0.32126,{"date":352,"score":58,"percentile":353},"2026-01-27",0.32112,{"date":355,"score":58,"percentile":356},"2026-01-28",0.32089,{"date":358,"score":58,"percentile":359},"2026-01-29",0.3205,{"date":361,"score":58,"percentile":362},"2026-01-30",0.32043,{"date":364,"score":58,"percentile":365},"2026-01-31",0.32051,{"date":367,"score":58,"percentile":368},"2026-02-01",0.32144,[370],{"source":62,"cvss_v2_0":371,"cvss_v3_0":9,"cvss_v3_1":376,"cvss_v4_0":9},{"baseScore":372,"baseSeverity":9,"vectorString":373,"impactScore":374,"exploitabilityScore":375},1.9,"AV:L/AC:M/Au:N/C:N/I:N/A:P",2.9,3.4,{"baseScore":60,"baseSeverity":377,"vectorString":63,"impactScore":378,"exploitabilityScore":379},"MEDIUM",6.7,5.1,[381,396,403],{"ecosystem":9,"name":382,"vendor":383,"product":384,"cpe_part":385,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":386},"ubuntu linux","canonical","ubuntu_linux","o",[387,390,392,394],{"version":388,"is_range":56,"range_type":389,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":391,"is_range":56,"range_type":389,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":393,"is_range":56,"range_type":389,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.10",{"version":395,"is_range":56,"range_type":389,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"ecosystem":9,"name":397,"vendor":398,"product":399,"cpe_part":385,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":400},"debian linux","debian","debian_linux",[401],{"version":402,"is_range":56,"range_type":389,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":404,"vendor":404,"product":404,"cpe_part":405,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":406},"qemu","a",[407],{"version":408,"is_range":409,"range_type":389,"version_start":9,"version_start_type":9,"version_end":410,"version_end_type":411,"fixed_in":9},"lte2.5.1.1",true,"2.5.1.1","including"]