Lucene search
+L

89 matches found

Cvelist
Cvelist
added last week32 views

CVE-2026-54736 Phalcon: Non-constant-time HMAC verification in `Encryption\Crypt::decrypt` (timing side-channel)

Phalcon is a high-performance, full-stack PHP framework. Prior to 5.14.1, Phalcon\Encryption\Crypt::decrypt compares the attacker-supplied HMAC tag against the freshly computed HMAC using PHP/Zephir identity comparison, which lowers to a byte-wise comparison that returns early on the first...

8.2CVSS0.00147EPSS
Exploits0References5
OSV
OSV
added last week4 views

CVE-2026-54736 Phalcon: Non-constant-time HMAC verification in `Encryption\Crypt::decrypt` (timing side-channel)

Phalcon is a high-performance, full-stack PHP framework. Prior to 5.14.1, Phalcon\Encryption\Crypt::decrypt compares the attacker-supplied HMAC tag against the freshly computed HMAC using PHP/Zephir identity comparison, which lowers to a byte-wise comparison that returns early on the first...

8.2CVSS6.1AI score0.00147EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/25 8:56 p.m.6 views

CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS5.8AI score0.00147EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:56 p.m.23 views

CVE-2026-6331

CVE-2026-6331 describes an HMAC zero-length tag forgery in EVP_DigestVerifyFinal. The OpenSSL-compatibility HMAC verify path allowed a zero-length or truncated tag to pass because the signature length check only ensured it did not exceed the MAC length. The fixed behavior now requires the supplie...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/15 5:32 p.m.7 views

GHSA-RRJ9-5Q2J-4GVR Symfony: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade

Description Symfony\Component\Mailer\Bridge\Mailomat\Webhook\MailomatRequestParser::validateSignature parses the X-MOM-Webhook-Signature request header as algo=signature and passes the wire-supplied $algo directly to hashhmac when verifying the request against the configured webhook secret. The...

6.3CVSS5.5AI score0.00197EPSS
Exploits0References6
OSV
OSV
added 2026/06/09 5:14 p.m.15 views

USN-8414-1 openssl vulnerabilities

Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or obtain sensitive information. CVE-2026-34180 Pavol Zacik and Alex Gaynor discovered that OpenSSL...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References16
NVD
NVD
added 2026/05/28 7:16 p.m.21 views

CVE-2026-45039

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, getsharedsecret in crates/ecstore/src/rpc/httpauth.rs, falls back to...

9.8CVSS0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/22 6:43 p.m.12 views

EUVD-2026-31485

TypeBot is a chatbot builder tool. In versions 3.16.0 and prior, the WhatsApp Cloud API webhook endpoint POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook does not verify the x-hub-signature-256 HMAC signature included by Meta in every webhook delivery. The webhook URL exposes both...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/22 6:43 p.m.14 views

CVE-2026-39969 TypeBot: WhatsApp Webhook Endpoint Missing Signature Verification

TypeBot is a chatbot builder tool. In versions 3.16.0 and prior, the WhatsApp Cloud API webhook endpoint POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook does not verify the x-hub-signature-256 HMAC signature included by Meta in every webhook delivery. The webhook URL exposes both...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/21 8:7 p.m.17 views

Fission StorageSvc /v1/archive endpoint exposes unauthenticated CRUD over all function archives

Summary The Fission storagesvc component registers archive CRUD handlers /v1/archive GET / POST / DELETE and /v1/archives list directly on its HTTP router without performing any authentication or authorization. Any caller able to reach the storagesvc ClusterIP — including any other workload in th...

8.8CVSS6AI score0.00344EPSS
Exploits0References6Affected Software1
GithubExploit
GithubExploit
added 2026/05/21 7:36 a.m.97 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...

7.8CVSS7.4AI score0.96267EPSS
Exploits230
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.16 views

PT-2026-42684

Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.23.0 Description The storagesvc component registers archive CRUD handlers on its HTTP router without authentication or authorization. This allows any caller capable of reaching the storagesvc ClusterIP, such as othe...

8.8CVSS5.6AI score0.00344EPSS
Exploits0References9
OSV
OSV
added 2026/05/11 6:12 p.m.3 views

CVE-2026-45223 Crabbox < 0.9.0 Authentication Bypass via Admin Claim Injection

Crabbox before 0.9.0 contains an authentication bypass vulnerability in the coordinator user-token verification path where the verifyUserToken function fails to reject payloads containing an admin claim, allowing attackers to escalate privileges. An attacker with access to the shared non-admin...

7.7CVSS6AI score0.00382EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/05/04 10:3 p.m.7 views

net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication

Summary When authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational denial-of-service attack on the client process by sending a big iteration count value. Details A hostile IMAP server can send an arbitrarily large PBKDF2 iteration count in the...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References11Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/24 7:11 p.m.6 views

CVE-2026-41244 Mojic: Observable Timing Discrepancy in HMAC Verification

Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator !== to verify the HMAC-SHA256 integrity seal during the decryption phase. This creates an Observable Timing Discrepancy CWE-208,...

4.7CVSS5.3AI score0.00108EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/16 9:10 p.m.13 views

Timing Attack

Overview mojic is an Obfuscate C source code into encrypted, password-seeded emoji streams. Affected versions of this package are vulnerable to Timing Attack in the getDecryptStream process. An attacker can bypass file integrity checks by exploiting timing discrepancies in the HMAC verification,...

5.7CVSS6AI score0.00108EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/16 9:10 p.m.10 views

Mojic: Observable Timing Discrepancy in HMAC Verification

Summary The CipherEngine in Mojic v2.1.3 uses a standard equality operator !== to verify the HMAC-SHA256 integrity seal during the decryption phase. This creates an Observable Timing Discrepancy CWE-208, allowing a potential attacker to bypass the file integrity check via a timing attack. Details...

4.7CVSS6AI score0.00108EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/10 9:16 p.m.3 views

DEBIAN-CVE-2026-40194

phpseclib is a PHP secure communications library. Starting in 0.1.1 and prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::getbinarypacket uses PHP's != operator to compare a received SSH packet HMAC against the locally computed HMAC. != on equal-length binary strings in PHP uses memcmp,...

3.7CVSS5.8AI score0.00334EPSS
Exploits0References1
OSV
OSV
added 2026/04/10 9:16 p.m.12 views

UBUNTU-CVE-2026-40194

phpseclib is a PHP secure communications library. Starting in 0.1.1 and prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::getbinarypacket uses PHP's != operator to compare a received SSH packet HMAC against the locally computed HMAC. != on equal-length binary strings in PHP uses memcmp,...

3.7CVSS5.8AI score0.00334EPSS
Exploits0References7
CVE
CVE
added 2026/04/10 8:24 p.m.55 views

CVE-2026-40194

CVE-2026-40194 affects the phpseclib PHP secure communications library. Prior to versions 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::get_binary_packet() compares the received SSH packet HMAC to the computed HMAC using the != operator. In PHP, != on equal-length binary strings invokes memcmp(...

3.7CVSS5.8AI score0.00334EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder