CVE-2025-68402

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

CVE-2025-68402

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

CVE-2025-68402

FreshRSS authentication issue affecting the edge branch (from commit range 57e1a37–00f2f04). The nonce length was increased from 40 to 64, and password_verify() is called with a constructed string (SHA-256 nonce + part of a bcrypt hash) instead of the raw user password. Due to bcrypt’s 72-byte in...

CVE-2025-68402

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

EUVD-2025-208445

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

CVE-2025-68402 FreshRSS has an authentication bypass due to truncated bcrypt hash [edge branch]

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

CVE-2025-68402 FreshRSS has an authentication bypass due to truncated bcrypt hash [edge branch]

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

CVE-2025-68402 FreshRSS has an authentication bypass due to truncated bcrypt hash [edge branch]

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

EUVD-2025-208444

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...

PT-2026-24102

Name of the Vulnerable Software and Affected Versions FreshRSS versions prior to 1.27.2-dev Description FreshRSS, a self-hostable RSS aggregator, contains a flaw related to password verification. A change in the length of the nonce, from 40 to 64 characters between commits 57e1a37 and 00f2f04,...

Improper Password Verification

org.springframework.security, spring-security-crypto is vulnerable to Improper password verification. The vulnerability is due to BCrypt's 72-character password truncation causing BCryptPasswordEncoder.matches to validate only the first 72 characters, allowing incorrect password acceptance...

Insecure Encryption

Overview bcrypt is an A library to help you hash passwords. Affected versions of this package are vulnerable to Insecure Encryption. Data is truncated wrong when its length is greater than 255 bytes. Remediation Upgrade bcrypt to version 5.0.0 or higher. References - GitHub Issue - GitHub PR 1 -...