356 matches found
EUVD-2026-40291
Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG. The MSE Message Stream Encryption handshake derives its 160-bit Diffie-Hellman private key from Perl's rand, a non-cryptographic drand48-class generator seeded once per...
PYSEC-2026-316 cobbler allows anyone to connect to cobbler XML-RPC server with known password and make changes
Summary utils.getsharedsecret always returns -1 - allows anyone to connect to cobbler XML-RPC as user '' password -1 and make any changes. Details utils.py getsharedsecret: def getsharedsecret - Unionstr, int: """ The 'web.ss' file is regenerated each time cobblerd restarts and is used to agree o...
CVE-2026-10512
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
CVE-2026-10512
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
CVE-2026-10512
The CVE-2026-10512 issue affects the X25519 x86_64 assembly implementation, where the final modular reduction fails to clear the most significant bit, leaving the 255-bit field element non-canonical. Consequently, the computed result from scalar multiplication may be incorrect, potentially yieldi...
EUVD-2026-39552
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
CVE-2026-10512 X25519 x86_64 assembly final reduction leaves non-canonical field element
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
PT-2026-52561
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The X25519 x86 64 assembly implementation fails to clear the most significant bit during the final modular reduction. This occurs because the final...
CVE-2026-6673
Mattermost versions 11.7.x = 11.7.0, 11.6.x = 11.6.2, 11.5.x = 11.5.5, 10.11.x = 10.11.17 fail to authenticate Atlassian Connect installed callbacks, allowing a remote unauthenticated attacker to inject a rogue sharedSecret and disrupt the Jira integration via POST to /ac/installed during the...
CVE-2026-6673
Mattermost Jira plugin (CVE-2026-6673) authenticates poorly during Atlassian Connect install. Affected Mattermost versions (11.7.x <= 11.7.0, 11.6.x <= 11.6.2, 11.5.x <= 11.5.5, 10.11.x
CVE-2026-6673
Mattermost versions 11.7.x = 11.7.0, 11.6.x = 11.6.2, 11.5.x = 11.5.5, 10.11.x = 10.11.17 fail to authenticate Atlassian Connect installed callbacks, allowing a remote unauthenticated attacker to inject a rogue sharedSecret and disrupt the Jira integration via POST to /ac/installed during the...
CVE-2026-56345
AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target usersid from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload wit...
EUVD-2026-38132
AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target usersid from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload wit...
CVE-2026-50214 Shared Secret Quota Inflation
The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans...
CVE-2026-36616
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...
EUVD-2026-34154
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...
CVE-2026-36616
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...
CVE-2026-36616
CVE-2026-36616 affects the Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909. The issue is the presence of hardcoded WiFi driver credentials embedded in the production firmware binary: a RADIUS shared secret, a WPS test key, and a default PSK. The vulnerability arises from these sensitive ...
CVE-2026-45039
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, getsharedsecret in crates/ecstore/src/rpc/httpauth.rs, falls back to...
EUVD-2026-32998
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, getsharedsecret in crates/ecstore/src/rpc/httpauth.rs, falls back to...