Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-6331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility...

7.5CVSS6AI score0.00147EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 12:32 a.m.6 views

EUVD-2026-39565

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

2.1CVSS5.8AI score0.00147EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:17 p.m.3 views

DEBIAN-CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 10:17 p.m.8 views

CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS0.00147EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 8:56 p.m.5 views

CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS5.8AI score0.00147EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:56 p.m.5 views

CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

2.1CVSS5.8AI score0.00147EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:56 p.m.24 views

CVE-2026-6331 HMAC zero-length tag forgery in EVP_DigestVerifyFinal

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

2.1CVSS0.00147EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:56 p.m.15 views

CVE-2026-6331

CVE-2026-6331 describes an HMAC zero-length tag forgery in EVP_DigestVerifyFinal. The OpenSSL-compatibility HMAC verify path allowed a zero-length or truncated tag to pass because the signature length check only ensured it did not exceed the MAC length. The fixed behavior now requires the supplie...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52604

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists in the EVP DigestVerifyFinal function where a zero-length tag could be accepted as valid during HMAC Hash-based Message Authentication Code...

7.5CVSS5.7AI score0.00147EPSS
Exploits0References9
Rows per page
Query Builder