The generate pseudorandom sequence() function in openssl encrypt/plugins/steganography/core/utils.py at lines 89-91 uses Python's random module (Mersenne Twister) for steganographic pixel/sample selection.

random.seed(seed)
sequence = random.sample(range(max value), min(length, max value))
return sequence

Additionally, the steganography password is stored as a plain Python string (not SecureBytes) and only 8 bytes (64 bits) of the SHA-256 hash are used for the seed, reducing effective security to 64 bits.

The Mersenne Twister's state can be recovered from approximately 624 outputs. An attacker who knows or guesses the password can predict the PRNG sequence and determine exactly which pixels contain hidden data, potentially extracting the hidden data without the password.

Fixed in commit 09e96e0 on branch releases/1.4.x — replaced random.seed(hash(password)) with HMAC-SHA256 based CSPRNG (Fisher-Yates shuffle) and numpy Generator with HMAC-derived seeds across all steganography format modules.