CVE-2026-20050 Cisco Secure Firewall Threat Defense Decryption Policy Denial of Service Vulnerability

A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...

CVE-2026-2747

SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor...

PT-2026-23016

A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...

On the Practical Feasibility of Harvest-Now, Decrypt-Later Attacks

Harvest-now, decrypt-later HN-DL attacks threaten today's encrypted communications by archiving ciphertext until a quantum computer can break the underlying key exchange. This paper reframes HN-DL as an economic problem, quantifying adversary costs across Transport Layer Security TLS 1.2, TLS 1.3...

Expert Recommends: Prepare for PQC Right Now

Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated funding for a complex a...

CVE-2026-27519

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

UBUNTU-CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

Cesanta Mongoose 数据伪造问题漏洞

Cesanta Mongoose is a set of embedded server libraries developed by the Irish company Cesanta. It includes functions for TCP and HTTP clients and servers, as well as WenSocket clients and servers. Versions of Cesanta Mongoose prior to 7.20 contained a data manipulation vulnerability. This...

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

PT-2026-21495

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg chacha20 poly1305 decrypt of the file /src/tls chacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

CVE-2025-36379

IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-36379

IBM Security QRadar EDR and IBM Security ReaQta are affected by CVE-2025-36379, where weaker-than-expected cryptographic algorithms could allow decryption of sensitive information. Affected versions: QRadar EDR 3.12 through 3.12.23 (and ReaQta 3.12 through 3.12.23). Root cause: use of insufficien...

PT-2026-20213

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description The software uses cryptographic algorithms that are not strong enough, potentially allowing an attacker to decrypt sensitive information. Recommendations Update to a version beyond 2.1.0. At...

Exploit for Incorrect Authorization in Dani-Garcia Vaultwarden

CVE-2026-26012 — Vaultwarden Cipher Enumeration PoC Full...

SUSE SLES11 Security Update : openssl1 (SUSE-SU-2026:0498-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0498-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in...

CLSA-2026-1770820922 openssl: Fix of CVE-2025-69421

CVE-2025-69421: fix NULL dereference in PKCS12itemdecryptd2iex...

CLSA-2026-1771004260 openssl: Fix of CVE-2025-69421

CVE-2025-69421: fix NULL dereference in PKCS12itemdecryptd2iex...