Lucene search
K

CVE-2026-2968

šŸ—“ļøĀ 23 Feb 2026Ā 03:02:07Reported byĀ VulDBTypeĀ 
cve
Ā cve
šŸ”—Ā web.nvd.nist.govšŸ‘Ā 22Ā Views

CVE-2026-2968: Cesanta Mongoose up to 7.20 has improper verification in mg_chacha20_poly1305_decrypt enabling remote signature manipulation.

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-2968
23 Feb 202603:02
–attackerkb
Information Security Automation
April Linux Patch Wednesday
22 Apr 202616:00
–avleonov
CNNVD
Cesanta Mongoose ę•°ę®ä¼Ŗé€ é—®é¢˜ę¼ę“ž
23 Feb 202600:00
–cnnvd
Cvelist
CVE-2026-2968 Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification
23 Feb 202603:02
–cvelist
Debian CVE
CVE-2026-2968
23 Feb 202603:02
–debiancve
NVD
CVE-2026-2968
23 Feb 202604:16
–nvd
OSV
DEBIAN-CVE-2026-2968
23 Feb 202604:16
–osv
OSV
JLSEC-2026-368 A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function...
30 Apr 202619:30
–osv
OSV
UBUNTU-CVE-2026-2968
23 Feb 202604:16
–osv
Positive Technologies
PT-2026-21495
23 Feb 202600:00
–ptsecurity
Rows per page
NVD
Vulners
Node
cesantamongooseRange≤7.20
[
  {
    "vendor": "Cesanta",
    "product": "Mongoose",
    "versions": [
      {
        "version": "7.0",
        "status": "affected"
      },
      {
        "version": "7.1",
        "status": "affected"
      },
      {
        "version": "7.2",
        "status": "affected"
      },
      {
        "version": "7.3",
        "status": "affected"
      },
      {
        "version": "7.4",
        "status": "affected"
      },
      {
        "version": "7.5",
        "status": "affected"
      },
      {
        "version": "7.6",
        "status": "affected"
      },
      {
        "version": "7.7",
        "status": "affected"
      },
      {
        "version": "7.8",
        "status": "affected"
      },
      {
        "version": "7.9",
        "status": "affected"
      },
      {
        "version": "7.10",
        "status": "affected"
      },
      {
        "version": "7.11",
        "status": "affected"
      },
      {
        "version": "7.12",
        "status": "affected"
      },
      {
        "version": "7.13",
        "status": "affected"
      },
      {
        "version": "7.14",
        "status": "affected"
      },
      {
        "version": "7.15",
        "status": "affected"
      },
      {
        "version": "7.16",
        "status": "affected"
      },
      {
        "version": "7.17",
        "status": "affected"
      },
      {
        "version": "7.18",
        "status": "affected"
      },
      {
        "version": "7.19",
        "status": "affected"
      },
      {
        "version": "7.20",
        "status": "affected"
      }
    ],
    "cpes": [
      "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
    ],
    "modules": [
      "Poly1305 Authentication Tag Handler"
    ]
  }
]

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 10:32Current
4.5Medium risk
Vulners AI Score4.5
CVSS 22.6
CVSS 3.13.7
CVSS 46.3
CVSS 33.7
EPSS0.00218
SSVC
22