CVE-2026-3505

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD Authenticated Encryption with Associated Data message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory...

Bouncy Castle Has Covert Timing Channel Vulnerability

Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all core modules. This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.84...

DEBIAN-CVE-2026-0636

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from...

CVE-2026-5588 PKIX draft CompositeVerifier accepts empty signature sequence as valid.

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...

Bouncy Castle Java 安全漏洞

Bouncy Castle Java is an open-source encryption algorithm developed by Legion of the Bouncy Castle Inc. Versions of Bouncy Castle Java prior to 1.84 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation, which could lead to exhaustion of pre-authoriz...

CVE-2024-3375

Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84...