ROS-20260310-73-0040

A vulnerability in the signature verification functions GOST DSA, EDDSA and ECDSA of the Nettle library is related to flaws in the cryptographic algorithms used. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by entering an invalid signature...

Securing Cryptography in the Age of Quantum Computing and AI: Threats, Implementations, and Strategic Response

This review examines how quantum computing and artificial intelligence challenge current cryptographic systems. We analyze the literature to assess the resilience of algorithms against quantum attacks Shor's and Grover's algorithms and AI-enhanced cryptanalysis. RSA and elliptic curve cryptograph...

EUVD-2026-9823

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...

CVE-2025-14480

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-14456

CVE-2025-14456 affects IBM MQ Appliance, specifically 9.4 CD through 9.4.4.0 to 9.4.4.1. The root cause is the use of weaker than expected cryptographic algorithms, resulting in a CVSS v3.1 base score of 5.9 (Impact: Confidentiality High; others None). IBM’s bulletin notes this could allow an att...

CVE-2025-14480 IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

EUVD-2026-9009

An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if the attacker can interact with the network traffic...

CVE-2026-1627

An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if the attacker can interact with the network traffic...

CVE-2026-1627

An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if the attacker can interact with the network traffic...

PT-2026-22321

An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if the attacker can interact with the network traffic...

Security Bulletin: IBM MQ Appliance uses weaker than expected cryptographic algorithms (CVE-2025-14456)

Summary IBM MQ Appliance has addressed use of weaker than expected cryptographic algorithms. Vulnerability Details CVEID:CVE-2025-14456 DESCRIPTION: IBM MQ Appliance uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CWE:CWE-32...

CVE-2026-2618

A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is possible to be carried out remotely. The attack is considered to have high complexity. The...

Crypto-RV: High-Efficiency FPGA-Based RISC-V Cryptographic Co-Processor for IoT Security

Cryptographic operations are critical for securing IoT, edge computing, and autonomous systems. However, current RISC-V platforms lack efficient hardware support for comprehensive cryptographic algorithm families and post-quantum cryptography. This paper presents Crypto-RV, a RISC-V co-processor...

AIDE 0.19.3

AIDE Advanced Intrusion Detection Environment is a free replacement for Tripwiretm. It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.44.0.3), ai.h2o:h2o-algos (>=0.1.9 <=3.44.0.3) +45 more potentially affected by CVE-2024-5986 via ai.h2o:h2o-core (>=0.1.10 <=3.44.0.3)

ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.44.0.3 and more Source cves: CVE-2024-5986 Source advisory: SNYK:JAVA-AIH2O-15182774...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

PT-2026-5700

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description IBM Concert utilizes cryptographic algorithms that are not sufficiently robust, potentially enabling an attacker to decrypt sensitive information. Recommendations Update to a version later...

Libgcrypt 1.12.0

Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers AES, DES, Blowfish, CAST5, Twofish, and Arcfour, hash algorithms MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192, MACs HMAC for all hash...

openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the openssl dgst command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection...

openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the openssl dgst command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection...