CWE · MITRE source
CWE-341Predictable from Observable State
A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2019-6563 | 2.0 | 9.8 | 0.0014 | 2019-03-05 |
CVE-2020-1731 | 1.8 | 9.1 | 0.0039 | 2020-03-02 |
CVE-2025-40780 | 1.7 | 8.6 | 0.0002 | 2025-10-22 |
CVE-2026-42365 | 1.7 | 8.6 | 0.0006 | 2026-05-04 |
CVE-2023-49259 | 1.5 | 7.5 | 0.0004 | 2024-01-12 |
CVE-2018-17917 | 1.1 | 5.3 | 0.0018 | 2018-10-10 |
CVE-2020-5365 | 1.1 | 5.3 | 0.0026 | 2020-05-20 |
CVE-2025-48461 | 1.0 | 5.0 | 0.0003 | 2025-06-24 |
CVE-2025-42925 | 0.9 | 4.3 | 0.0004 | 2025-09-09 |
CVE-2024-10141 | 0.8 | 3.7 | 0.0020 | 2024-10-19 |
CVE-2021-4277 | 0.5 | 2.6 | 0.0020 | 2022-12-25 |