Lucene search
K

36 matches found

EUVD
EUVD
added 2026/06/26 12:32 a.m.7 views

EUVD-2026-39570

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.3CVSS5.9AI score0.0013EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 10:17 p.m.8 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS0.0013EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:17 p.m.3 views

DEBIAN-CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 9:1 p.m.22 views

CVE-2026-6330 ML-KEM ARM64 NEON ciphertext comparison only compares half of the input

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.3CVSS0.0013EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 9:1 p.m.4 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS5.8AI score0.0013EPSS
Exploits0
CVE
CVE
added 2026/06/25 9:1 p.m.15 views

CVE-2026-6330

CVE-2026-6330 : In ML-KEM targeting ARM64 NEON, the ciphertext comparison only checks half of the input. This breaks the Fujisaki-Okamoto transform’s implicit rejection, weakening IND-CCA2 security on that path. The constant-time comparison thus ignores part of the re-encrypted ciphertext, allowi...

6.5CVSS5.9AI score0.0013EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/25 8:17 p.m.7 views

CVE-2026-10097

wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

8.3CVSS0.00161EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:59 p.m.6 views

CVE-2026-10097

wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

8.3CVSS5.8AI score0.00161EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/25 7:59 p.m.8 views

CVE-2026-10097 ML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static private-key recovery

wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

8.3CVSS5.8AI score0.00161EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 7:59 p.m.33 views

CVE-2026-10097 ML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static private-key recovery

wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

8.3CVSS0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 7:59 p.m.6 views

EUVD-2026-39553

ML-KEM-1024 x64 AVX2 implicit rejection failure in the Fujisaki-Okamoto transform breaks IND-CCA2 security, allowing decapsulation to deviate from the implicit-rejection behavior required by the standard. The AVX2 constant-time ciphertext comparison used during decapsulation never compared the...

6.3CVSS5.9AI score0.00161EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 7:59 p.m.16 views

CVE-2026-10097

Summary: CVE-2026-10097 affects wolfSSL’s ML-KEM-1024 x64 AVX2 implementation. The Fujisaki-Okamoto decapsulation path performs an incomplete ciphertext check, failing to compare the final portion of the 1568-byte ciphertext. As a result, ciphertexts manipulated in those final bytes can bypass im...

8.3CVSS5.8AI score0.00161EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52603

Name of the Vulnerable Software and Affected Versions ML-KEM affected versions not specified Description An issue exists in the ARM64 NEON ciphertext comparison where only half of the input is compared. This failure breaks the implicit rejection of the Fujisaki-Okamoto transform—a method used to...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in nss

The NSS code used for checking PKCS1 v1.5 was leaking information useful for launching Bleichenbacher-style attacks. Both the overall correctness of the padding and the length of the encrypted message were exposed through timing side-channels. By sending a large number of ciphertexts selected by...

6.5CVSS6.8AI score0.00628EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 12:24 p.m.9 views

OESA-2026-2612 nss security update

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

6.5CVSS5.5AI score0.00628EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-47838

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description The CMS decrypt and PKCS7 decrypt functions are susceptible to a Bleichenbacher-style attack, which is an adaptive-chosen-ciphertext side channel. This allows an attacker to use a vulnerable...

9.1CVSS5.5AI score0.00513EPSS
Exploits0References101
OSV
OSV
added 2025/08/14 10:9 a.m.3 views

SUSE-SU-2025:20593-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262...

7.5CVSS6.9AI score0.01118EPSS
Exploits0References3
OSV
OSV
added 2025/04/17 9:42 p.m.7 views

CLSA-2025-1744926159 Update of openssl

Backport the implicit rejection mechanism for RSA PKCS1 v1.5 to prevent Bleichenbacher attacks; add an option to disable the mechanism...

5.8AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/01/09 4:15 a.m.8 views

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

7.4CVSS7AI score0.00626EPSS
Exploits0References2
OSV
OSV
added 2024/11/01 3:20 p.m.21 views

SUSE-SU-2024:3872-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262...

7.5CVSS7.7AI score0.01118EPSS
Exploits0References3
Rows per page
Query Builder