95 matches found
CVE-2026-6458
Missing cryptographic step in Caliptra Core Firmware aes256gcmupdate module results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude th...
CVE-2026-6458
CVE-2026-6458 involves the Caliptra Core Firmware (aes_256_gcm_update module) where a missing cryptographic step in the streaming AES-256-GCM API with empty AAD leads to the hardware GHASH accumulator state not being saved after the first update. As a result, the final GCM authentication tag does...
CVE-2026-6458
Missing cryptographic step in Caliptra Core Firmware aes256gcmupdate module results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude th...
CVE-2026-6458 AES-256-GCM Authentication Tag Does Not Cover First Ciphertext Blocks When AAD Is Empty
Missing cryptographic step in Caliptra Core Firmware aes256gcmupdate module results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude th...
PT-2026-51610
Name of the Vulnerable Software and Affected Versions Caliptra Core Runtime Firmware versions 2.0.0 through 2.0.1 Caliptra Core Runtime Firmware version 2.1.0 Description A missing cryptographic step in the aes 256 gcm update module leads to an incorrect GCM authentication tag. When the streaming...
SUSE CVE-2026-45446
Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...
Linux Distros Unpatched Vulnerability : CVE-2026-45446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty...
CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...
aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +231 more potentially affected by CVE-2026-41479 via authlib (>=0.10.0 <=1.6.1)
authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.1 and more Source cves: CVE-2026-41479 Source advisory: OSV:GHSA-W8P2-R796-3VMQ...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Service in authencesn due to too-short AAD CVE-2026-23060 kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 kernel: crypto: afalg - limit...
RHEL 9 : kernel (RHSA-2026:19225)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19225 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Servi...
aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +234 more potentially affected by CVE-2026-44681 via authlib (>=0.10.0 <=1.6.11)
authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.1 and more Source cves: CVE-2026-44681 Source advisory: OSV:GHSA-R95X-QFJJ-FJJ2...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +170 more potentially affected by CVE-2026-44681 via authlib (>=1.0.0 <=1.6.11)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-44681 Source advisory:...
CentOS 9 : kernel-5.14.0-701.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-701.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - limit RX SG extraction by receive buffer budget Mak...
Oracle Linux 10 : kernel (ELSA-2026-13566)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13566 advisory. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Vladislav Dronov RHEL-172211 CVE-2026-31431 - crypto: authencesn ...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 Copy Fail Toolset This repository contains t...
aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +232 more potentially affected by CVE-2026-41425 via authlib (>=0.10.0 <=1.6.10)
authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.1 and more Source cves: CVE-2026-41425 Source advisory: OSV:PYSEC-2026-25...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +167 more potentially affected by CVE-2026-41425 via authlib (>=1.0.0 <=1.6.10)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-41425 Source advisory:...
aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +232 more potentially affected by CVE-2026-41425 via authlib (>=0.10.0 <=1.6.10)
authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.1 and more Source cves: CVE-2026-41425 Source advisory: OSV:GHSA-JJ8C-MMJ3-MMGV...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +225 more potentially affected by CVE-2026-28498 via authlib (>=1.0.0 <=1.6.8)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.5.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-28498 Source advisory:...