1458 matches found
CVE-2025-11931
The set of connected documents confirms this CVE affects wolfSSL’s XChaCha20-Poly1305 code, specifically the wc_XChaCha20Poly1305_Decrypt() function. The root cause is an integer underflow that can lead to out-of-bounds access when decrypting, and this path is taken from direct application calls ...
CVE-2025-11931
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt, which is not used with TLS connections, only from direct calls from an application...
CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt, which is not used with TLS connections, only from direct calls from an application...
JLSEC-2025-202 A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware M...
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...
PT-2025-47819
Name of the Vulnerable Software and Affected Versions: Versions prior to 2025-11931. Description: An integer underflow can lead to out-of-bounds access during decryption using XChaCha20-Poly1305. This occurs specifically when calling the wc_XChaCha20Poly1305_Decrypt function, which is utilized by...
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud. "A key differentiator is its ability to bypass encrypted messaging," ThreatFabric said in a report shared with The...
TencentOS Server 4: grub2 (TSSA-2025:0411)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0411 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
PT-2025-47514
Name of the Vulnerable Software and Affected Versions: Twonky Server version 8.5.2. Description: Twonky Server version 8.5.2 on Linux and Windows contains a cryptographic flaw due to the use of hard-coded cryptographic keys. An attacker who knows the encrypted administrator password can decrypt it...
Malicious code in delta-encrypt-decrypt-process-hot (npm)
Source: amazon-inspector (47be4747508a9978698f14c3a6e3c22e2b2fd3bfe34ece2ef5c5445dfc296dbe). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178900
Malicious code in final-uglify-decrypt-enum-data npm...
EUVD-2025-175883
Malicious code in tree-function-kappa-decrypt-assert npm...
MAL-2025-188826 Malicious code in private-easy-string-decrypt-meta (npm)
Source: amazon-inspector (3ae8f5ebf1c13bf1a1e8aa5ca2740eee87baa6e70ae9e6675a45d077559c16a9). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176989
Malicious code in protected-reject-decrypt-bad-big npm...
EUVD-2025-177049
Malicious code in private-easy-string-decrypt-meta npm...
EUVD-2025-179372
Malicious code in decrypt-sun-mock-rain-debug npm...
EUVD-2025-179724
Malicious code in class-debug-private-decrypt-slow npm...
EUVD-2025-175898
Malicious code in transpile-bundle-upsilon-decrypt-secure npm...
EUVD-2025-178451
Malicious code in import-abstract-nu-private-decrypt npm...