profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/40xxx/CVE-2022-40769.json",
"cna_assigner": "mitre"
}{
"cpe": "cpe:2.3:a:profanity_project:profanity:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.60"
},
{
"last_affected": "1.60"
}
],
"source": [
"DESCRIPTION",
"CPE_RANGE"
]
}[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"335653004125579727361909521583037682761",
"311482898943491207032871869398135283951",
"137739608384132628283623628429958562105",
"278071674560827812021299947126638175853",
"259946597086722551199272541397494173355",
"318902216411399292229207906306965567427",
"278764409281609167152726528468827208646",
"331278226160300765570076318712786322155",
"132689319566273043415048501793258129128",
"45427195988141541511236882309774713905",
"323839747872209976362525898298426142735",
"174234455823546615322928600746770523665",
"74737338088607167957446984168002590365",
"56454326804197721767231139214249316576",
"314037825821763149979635030504352355527",
"8544468287428654008031504924511431551",
"264731206887473933071413980606380791370"
]
},
"target": {
"file": "Dispatcher.hpp"
},
"id": "CVE-2022-40769-0d06e3f2",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"function_hash": "40700540793381116661358800051364592008",
"length": 1656.0
},
"target": {
"function": "Dispatcher::initBegin",
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-0eb9b86a",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"function_hash": "125522956173111395869378250304266447134",
"length": 592.0
},
"target": {
"function": "Dispatcher::onEvent",
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-2aacbe9c",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"229429070403753869520336598756028695416",
"317722874171969280148707390817702991472",
"175742555053086738064520918892541319635",
"126681243252968052628384997076175012451",
"313164911110104434772140287596456484565",
"334560537950424089764477743746445842476",
"162883311999151176025329287951508872296",
"203437997028521354937296151814470689256",
"150944661205962686518814511509102791415",
"190838076893154117805155540709215556902",
"152204552019544659330601628661067460782",
"18300060505647202050042721968543518739",
"268020046929094918929919870032514790276",
"163312471417396922505891248165027082407",
"259615065894319263283738645855856386581",
"206488196871809245535130362519919033989",
"63318331295419976650323028330971960520",
"127999889231098819982353190825474074551",
"78765847272912592359471210840386488859",
"217654238362410393426077490113516869470",
"190908863416180397551641431826828575498",
"323306367904102798318770599112300673224",
"241415698444591556178456414068124804607",
"259488421585268079658853640563122087284",
"220476204097687923798807655076218228022",
"109530843889318024497349278757897224171",
"311874730584353549137731011848772463415",
"221164557121446593222021323515561859276",
"198302279820889518990074500168551297974",
"267209063905201880625078485712367949606",
"26877038630028942765458487832920963887",
"142896269812521314779799500300052216393",
"185845632080402751804630699168015791331",
"261062007920270832021301244854679199669",
"143015482972774597917274466573201313304",
"301052535267067022898182864761582566908",
"222844022248910071375562520807212942602",
"62404496069244966002893989027164326554",
"156919150340417496846930266608564716561",
"272922549834024161063920238274353533935",
"110189677317991468744622262183744527614",
"219366473596757673397382730149207374694",
"13794894341898863372085945911898362051",
"308199277357253668444020106155638103737",
"65441086983644355250724992598833857231",
"92459386977881611936695201547034526875",
"256297623389755699437276189869534667991",
"1860733805697629023551505238303159556",
"160015488594996146385078725160655073393",
"141224078672408286568208031028757028201",
"180357577247216218417645142225151899638",
"99637510364442156177228881931611209663",
"200534918495052722640743938053453640059",
"290852471142157404643568053683591981643",
"114645550883763787241258644020232110198",
"278859414165576429953159106265816254460",
"93611591220895066012192055778395381518",
"209893846760305076241948948777239757089",
"178090542395311496234181229538854017183",
"277322779006511466675457139877515854483",
"155015821191886968963895158538742366899",
"181327179493986888934596319686437756848",
"73714616916644733502024094324995648389",
"104209423984360332152569934171459999563",
"172031959742022336900708092579064164219",
"71155841245155578424388489629021102080",
"292096106630925104641534687293540793334",
"303020245810626129242448789383383761286",
"189306886743833478320688446733369526964",
"198848877490426056022144674945757017365",
"225921145049220089961558294490058463309",
"106427871458837428198598627430266409208",
"324037354733495496156242969560297278205",
"282808197849078960179385730548000908801",
"50509637941638622173505197532847970748",
"30700556599764391197283819223475319137",
"24715910089255020943525531854150635078",
"213108484878122208948147697813788969345",
"327912794942278313139683143064858812923"
]
},
"target": {
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-4ae62c40",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"function_hash": "95012158442187386622958557493990876094",
"length": 1131.0
},
"target": {
"function": "Dispatcher::init",
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-563f32ae",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"function_hash": "112313715075229863687738086570648394769",
"length": 1604.0
},
"target": {
"function": "Dispatcher::Device::Device",
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-5e0aa891",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"function_hash": "162957381259888408761373860055163171004",
"length": 836.0
},
"target": {
"function": "Dispatcher::initContinue",
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-9919b552",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"function_hash": "252484899145987245914060764224752620817",
"length": 293.0
},
"target": {
"function": "getKernelExecutionTimeMillis",
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-b491ee33",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
},
{
"digest": {
"function_hash": "161073974858956666727261879480455510964",
"length": 1082.0
},
"target": {
"function": "Dispatcher::dispatch",
"file": "Dispatcher.cpp"
},
"id": "CVE-2022-40769-d3af8f7c",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40769.json"
"2026-07-09T06:01:46Z"