5302 matches found
GuvenliWebYazilimiGelistirme-CipherNone-
🛡️ CipherNone: JWT "alg: none" Vulnerability & Hardening Lab...
SUSE CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
Linux Distros Unpatched Vulnerability : CVE-2026-25834
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade. CVE-2026-25834 Note that Nessus relies on the presence of the package as reported by the vendo...
PT-2026-30011
Name of the Vulnerable Software and Affected Versions: Go JOSE versions prior to 4.1.4 and versions prior to 3.0.5. Description: Go JOSE, an implementation of the JavaScript Object Signing and Encryption standards in Go, is susceptible to a denial of service. When decrypting a JSON Web Encryption JW...
Use of a Broken or Risky Cryptographic Algorithm
Overview: fast-jwt is a Fast JSON Web Token implementation. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the performDetectPublicKeyAlgorithms function due to improper handling of leading whitespace in PEM key strings. An attacker can gain...
GHSA-MVF2-F6GM-W987 fast-jwt: Incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key
Summary: The fix for GHSA-c2ff-88x2-x9pg (CVE-2023-48223) is incomplete. The publicKeyPemMatcher regex in fast-jwt/src/crypto.js uses a ^ anchor that is defeated by any leading whitespace in the key string, re-enabling the exact same JWT algorithm confusion attack that the CVE patched. Details: The f...
fast-jwt: Incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key
Summary: The fix for GHSA-c2ff-88x2-x9pg (CVE-2023-48223) is incomplete. The publicKeyPemMatcher regex in fast-jwt/src/crypto.js uses a ^ anchor that is defeated by any leading whitespace in the key string, re-enabling the exact same JWT algorithm confusion attack that the CVE patched. Details: The f...
CVE-2026-25834
A flaw was found in Mbed TLS. A remote attacker could exploit this vulnerability by performing an algorithm downgrade attack. This could lead to a reduction in the security strength of cryptographic operations, potentially allowing for information disclosure or denial of service. Mitigation...
EUVD-2026-17967
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
ALPINE-CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
UBUNTU-CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
PT-2026-29578
Name of the Vulnerable Software and Affected Versions: Mbed TLS versions 3.3.0 through 3.6.5 and version 4.0.0. Description: The Mbed TLS software contains a flaw related to Algorithm Downgrade. Recommendations: Update to a version later than 3.6.5. Update to a version later than 4.0.0...
Mbed TLS Security Vulnerability
Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed. Versions 3.3.0 to 3.6.5, as well as 4.0.0, of Mbed TLS contain a security vulnerability that allows algorithm downgrade...
CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
Secure Network Function Computation for General Target and Security Functions
Secure network function computation is a critical research direction in network coding, which aims to ensure that the target function is correctly computed at the sink node while preventing the wiretapper from obtaining any information about the security function. In this paper, we focus on the...
CVE-2026-25834
CVE-2026-25834 is disclosed in the OpenSUSE/SUSE advisories linked to ovmf and is tied to mbed TLS 3.6.x. The OpenSUSE OpenSUSE-SU-2026:20875-1 advisory describes CVE-2026-25834 as: the client accepts a signature algorithm chosen by the server even if it was not advertised in the client hello. Th...
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
Overview: Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') in the TLS 1.3 session resumption logic if the subsequent ClientHello negotiates TLS 1.2 back. An attacker can gain unauthorized access by impersonating a...
CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...