CVE-2026-2625

A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager RPM file. During the RPM signature verification process, this crafted file can trigger an error in the OpenPGP signature parsing code, leading to an...

SUSE CVE-2018-15586

Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email...

The vulnerability of Thunderbird email client, related to incorrect verification of the OpenPGP cryptographic signature, allows attackers to gain access to protected information.

The vulnerability of the Thunderbird email client is related to an improper verification of the OpenPGP cryptographic signature. Exploiting this vulnerability could allow a remote attacker to gain access to protected information...

Over Dozen Popular Email Clients Found Vulnerable to Signature Spoofing Attacks

A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen of popular email clients. The affected email clients include Thunderbird, Microsoft...