Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

565 matches found

CNNVD
CNNVDadded 2026/02/25 12:0 a.m.3 views

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...

8.1CVSS5.8AI score0.00102EPSS
Exploits1References2
Snyk
Snykadded 2026/02/16 5:2 a.m.0 views

Improper Verification of Cryptographic Signature

Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the DSA domain-parameter validation in KJUR.crypto.DSA.setPublic and the related DSA/X509 verification flow ...

9.1CVSS5.9AI score0.0001EPSS
Exploits1References2
Snyk
Snykadded 2026/02/16 5:2 a.m.3 views

Improper Verification of Cryptographic Signature

Overview jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the DSA domain-parameter validation in KJUR.crypto.DSA.setPublic and the related DSA/X509 verification flow in src/dsa-2.0.j...

9.1CVSS5.8AI score0.0001EPSS
Exploits1References2
NVD
NVDadded 2026/02/10 10:17 p.m.3 views

CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS0.00009EPSS
Exploits0References3
OSV
OSVadded 2026/02/10 10:17 p.m.1 views

DEBIAN-CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

6.5CVSS7.2AI score0.00009EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/10 9:42 p.m.21 views

CVE-2026-26007 cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS0.00009EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/02/10 9:42 p.m.6 views

CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS7.2AI score0.00009EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/02/10 9:42 p.m.7 views

CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS5.6AI score0.00009EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinuxadded 2026/02/10 9:42 p.m.4 views

CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS5.8AI score0.00009EPSS
Exploits0
OSV
OSVadded 2026/02/10 9:27 p.m.2 views

GHSA-R6PH-V2QM-Q3C2 cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

Vulnerability Summary The publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an...

8.2CVSS5.9AI score0.00009EPSS
Exploits0References6
CNNVD
CNNVDadded 2026/02/10 12:0 a.m.1 views

cryptography 安全漏洞

cryptography is an open-source Python encryption library developed by Python Cryptographic Authority. Versions of cryptography prior to 46.0.5 contained security vulnerabilities. These vulnerabilities stemmed from multiple public key-related functions that did not verify whether the point belonge...

8.2CVSS6.9AI score0.00009EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/02/10 12:0 a.m.4 views

PT-2026-7473

Name of the Vulnerable Software and Affected Versions cryptography versions prior to 46.0.5 Description The public key from numbers or EllipticCurvePublicNumbers.public key, EllipticCurvePublicNumbers.public key, load der public key, and load pem public key functions do not validate that the...

8.2CVSS5.3AI score0.00009EPSS
Exploits0References89
Tenable Nessus
Tenable Nessusadded 2026/02/05 12:0 a.m.4 views

SUSE SLES12 Security Update : gpg2 (SUSE-SU-2026:0378-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0378-1 advisory. - CVE-2025-68973: Fixed possile memory corruption in the armor parser T7906 bsc1255715 - Fixed GnuPG Accepting Path Separators and Path Traversals in...

7.8CVSS5.6AI score0.00016EPSS
Exploits1References7
SUSE Linux
SUSE Linuxadded 2026/02/04 7:38 a.m.4 views

Security update for gpg2

This update for gpg2 fixes the following issues: CVE-2025-68973: Fixed possile memory corruption in the armor parser T7906 bsc1255715 Fixed GnuPG Accepting Path Separators and Path Traversals in Literal Data bsc1256389 Fixed Cleartext Signature Forgery in the NotDashEscaped header implementation ...

8CVSS5.5AI score0.00016EPSS
Exploits1References10
OSV
OSVadded 2026/02/04 7:38 a.m.2 views

SUSE-SU-2026:0378-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2025-68973: Fixed possile memory corruption in the armor parser T7906 bsc1255715 - Fixed GnuPG Accepting Path Separators and Path Traversals in Literal Data bsc1256389 - Fixed Cleartext Signature Forgery in the NotDashEscaped header...

7.8CVSS5.8AI score0.00016EPSS
Exploits1References6
GithubExploit
GithubExploitadded 2026/01/23 1:16 p.m.103 views

ens-contracts-bug-62248-pr-509

DNS SEC upgrade repo Summary This repo contains the solut...

5.7AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/01/23 6:19 a.m.6 views

CVE-2026-23965

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for...

7.5CVSS5.8AI score0.00011EPSS
Exploits0References1
NVD
NVDadded 2026/01/22 3:15 a.m.2 views

CVE-2026-23965

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for...

7.5CVSS0.00011EPSS
Exploits0References2
OSV
OSVadded 2026/01/22 2:5 a.m.3 views

CVE-2026-23965 sm-crypto Affected by Signature Forgery in SM2-DSA

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for...

7.5CVSS5.8AI score0.00011EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/01/22 2:5 a.m.23 views

CVE-2026-23965 sm-crypto Affected by Signature Forgery in SM2-DSA

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for...

7.5CVSS0.00011EPSS
Exploits0References2
Rows per page
Query Builder