Lucene search
K

4 matches found

Circl
Circl
added 2026/01/22 4:3 a.m.5 views

CVE-2026-23967

creationtimestamp| type| source ---|---|--- 2026-01-22 04:03:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycjlc4522h 2026-01-22 04:03:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcyckhdi7u2g 2026-01-22 04:04:54+00:00| seen|...

7.5CVSS5.7AI score0.0019EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/01/22 1:59 a.m.24 views

CVE-2026-23967 sm-crypto Affected by Signature Malleability in SM2-DSA

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14. An attacker can derive a new valid signature for a...

7.5CVSS0.0019EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/01/21 4:13 p.m.7 views

@arkxos/arkos-app-gateway-manage (=0.1.0), @arkxos/arkos-app-system (>=0.1.0 <=0.1.1) +80 more potentially affected by CVE-2026-23967 via sm-crypto (>=0.0.9 <=0.3.13)

sm-crypto NPM version =0.0.9, =0.1.0, =1.0.30, =0.1.26, =1.0.0, =1.0.0, =1.0.9, =1.0.1, =1.1.1, =3.0.0, =4.0.0, =4.3.0 and more Source cves: CVE-2026-23967 Source advisory: OSV:GHSA-QV7W-V773-3XQM...

7.5CVSS5.7AI score0.0019EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/21 4:13 p.m.7 views

cn.herodotus.engine:oauth2-authentication-autoconfigure (>=3.5.5.3 <=3.5.6.2), cn.herodotus.engine:oauth2-authorization-server-autoconfigure (>=3.3.0.5 <=3.5.5.2) +2 more potentially affected by CVE-2026-23967 via org.webjars.npm:sm-crypto (=0.3.13)

org.webjars.npm:sm-crypto MAVEN version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:sm-crypto and may be impacted: - cn.herodotus.engine:oauth2-authentication-autoconfigure =3.5.5.3, =3.3.0.5, =3.3.0.5, =3.5.5.3, =3.5.6.2...

7.5CVSS5.8AI score0.0019EPSS
Exploits0
Rows per page
Query Builder