Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

37 matches found

RedhatCVE
RedhatCVEadded 6 days ago5 views

CVE-2026-8721

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

9.8CVSS5.6AI score0.0002EPSS
Exploits0References1
NVD
NVDadded 2026/05/17 7:16 p.m.8 views

CVE-2026-8721

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

9.8CVSS0.0002EPSS
Exploits0References2
OSV
OSVadded 2026/05/17 7:16 p.m.5 views

UBUNTU-CVE-2026-8721

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

9.8CVSS5.9AI score0.0002EPSS
Exploits0References9
UbuntuCve
UbuntuCveadded 2026/05/17 7:16 p.m.6 views

CVE-2026-8721

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

9.8CVSS5.9AI score0.0002EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/05/17 6:51 p.m.26 views

CVE-2026-8721 Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

0.0002EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/17 6:51 p.m.10 views

EUVD-2026-30707

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

5.9AI score0.0002EPSS
Exploits0References1
CVE
CVEadded 2026/05/17 6:51 p.m.17 views

CVE-2026-8721

CVE-2026-8721 affects Crypt::OpenSSL::PKCS12 for Perl up to version 1.94. The root cause is that PKCS12.xs passes password data as char* through Perl’s typemap, discarding length, and the C/OpenSSL code calls strlen() on the buffer, causing any password byte at or after the first NULL to be silen...

9.8CVSS5.9AI score0.0002EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/17 6:51 p.m.5 views

CVE-2026-8721 Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

5.9AI score0.0002EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/05/17 6:51 p.m.6 views

CVE-2026-8721

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

9.8CVSS5.9AI score0.0002EPSS
Exploits0
CNNVD
CNNVDadded 2026/05/17 12:0 a.m.7 views

Crypt::OpenSSL::PKCS12 安全漏洞

Crypt::OpenSSL::PKCS12 is an open-source cryptographic extension module developed by Dan Sully for the Perl language. It primarily provides functionality for calling the OpenSSL PKCS12 API. Versions of Crypt::OpenSSL::PKCS12 up to 1.94 contained security vulnerabilities. These vulnerabilities...

9.8CVSS5.8AI score0.0002EPSS
Exploits0References1
OSV
OSVadded 2026/05/04 7:16 a.m.3 views

UBUNTU-CVE-2026-43860

mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...

3.7CVSS5.8AI score0.00041EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/05/04 5:45 a.m.3 views

CVE-2026-43860

mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...

3.7CVSS5.8AI score0.00041EPSS
Exploits0
Cvelist
Cvelistadded 2026/05/04 5:45 a.m.31 views

CVE-2026-43860

mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...

3.7CVSS0.00041EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/04 5:45 a.m.1 views

CVE-2026-43860

mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...

3.7CVSS5.8AI score0.00041EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/04 5:45 a.m.3 views

EUVD-2026-26896

mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...

3.7CVSS5.8AI score0.00041EPSS
Exploits0References1
NVD
NVDadded 2025/10/16 5:15 p.m.2 views

CVE-2025-25298

Strapi is an open source headless CMS. The @strapi/core package before version 5.10.3 does not enforce a maximum password length when using bcryptjs for password hashing. Bcryptjs ignores any bytes beyond 72, so passwords longer than 72 bytes are silently truncated. A user can create an account...

6.3CVSS0.00046EPSS
Exploits1References2
Snyk
Snykadded 2025/10/16 4:42 p.m.2 views

Weak Encoding for Password

Overview @strapi/admin is a Strapi Admin Affected versions of this package are vulnerable to Weak Encoding for Password in to the implementation of password hashing. An attacker can reduce the effective entropy of user passwords and potentially mislead users about the required password length by...

6.3CVSS6.8AI score0.00046EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/10/16 12:0 a.m.0 views

Strapi 安全漏洞

Strapi is an open source content management system CMS from the French strapi community. A security vulnerability exists in Strapi versions prior to 5.10.3 that stems from not enforcing the maximum password length for bcryptjs password hashes, which could result in passwords being silently...

6.3CVSS6.6AI score0.00046EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-9025

Malware in sbrugna...

10CVSS9.4AI score0.00168EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-15891

Malware in sbrugna...

9.8CVSS9.3AI score0.01792EPSS
Exploits0References4
Rows per page
Query Builder