Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

754 matches found

EUVD
EUVDadded 2026/04/10 12:30 a.m.3 views

EUVD-2026-21235

A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated...

6.3CVSS5.9AI score0.00018EPSS
Exploits0References2
Snyk
Snykadded 2026/04/10 12:8 a.m.5 views

Improper Validation of Integrity Check Value

Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value via the PKCS7 CBC decryption process. An attacker can recover plaintext data by sending repeated decryption queries with modified ciphertext, exploiting improper validation of interior paddin...

6.3CVSS5.8AI score0.00018EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/04/09 11:17 p.m.2 views

CVE-2026-5504

A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated...

6.3CVSS5.8AI score0.00018EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/09 10:33 p.m.19 views

CVE-2026-5504 PKCS7 CBC Padding Oracle — Plaintext Recovery

A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated...

6.3CVSS0.00018EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/04/09 10:33 p.m.4 views

CVE-2026-5504

A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated...

6.3CVSS5.3AI score0.00018EPSS
Exploits0
CVE
CVEadded 2026/04/09 10:33 p.m.9 views

CVE-2026-5504

CVE-2026-5504 affects wolfSSL’s PKCS7 CBC decryption. A padding oracle could enable plaintext recovery via repeated decryption queries with modified ciphertext; earlier wolfSSL versions did not validate interior padding bytes. The Connected documents confirm this is a padding oracle vulnerability...

6.3CVSS5.9AI score0.00018EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/09 12:0 a.m.2 views

PT-2026-31817

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. The interior padding...

6.3CVSS5.2AI score0.00018EPSS
Exploits0References10
SUSE CVE
SUSE CVEadded 2026/04/07 11:26 p.m.7 views

SUSE CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

6.5CVSS6.1AI score0.00042EPSS
Exploits0References16
Vulnrichment
Vulnrichmentadded 2026/04/07 10:0 p.m.3 views

CVE-2026-31790 Incorrect Failure Handling in RSA KEM RSASVE Encapsulation

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

6AI score0.00042EPSS
Exploits0References6
CNNVD
CNNVDadded 2026/04/07 12:0 a.m.2 views

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

9.1CVSS5.8AI score0.00025EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/04/03 3:39 a.m.5 views

Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length

Summary The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI...

7.5CVSS6.2AI score0.00073EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2026/04/03 3:39 a.m.0 views

GHSA-9M44-RR2W-PPP7 Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length

Summary The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI...

8.8CVSS6.2AI score0.00073EPSS
Exploits1References3
GitLab Advisory Database
GitLab Advisory Databaseadded 2026/04/03 12:0 a.m.6 views

Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length

The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI...

7.5CVSS6AI score0.00073EPSS
Exploits1References4Affected Software1
RustSec
RustSecadded 2026/03/29 12:0 p.m.14 views

Potential Panic on Overlong Ciphertext Buffer

An application that passes in a ciphertext buffer of length greater than ptxt.len + TAGLEN to libcruxchacha20poly1305::encrypt or libcruxchacha20poly1305::xchacha20poly1305::encrypt would experience a panic. Impact An application where the length of the ciphertext buffer is under attacker control...

5.9AI score
Exploits0Affected Software1
OSV
OSVadded 2026/03/29 12:0 p.m.5 views

RUSTSEC-2026-0124 Potential Panic on Overlong Ciphertext Buffer

An application that passes in a ciphertext buffer of length greater than ptxt.len + TAGLEN to libcruxchacha20poly1305::encrypt or libcruxchacha20poly1305::xchacha20poly1305::encrypt would experience a panic. Impact An application where the length of the ciphertext buffer is under attacker control...

8.2CVSS5.9AI score
Exploits0References3
Ubuntu
Ubuntuadded 2026/03/26 3:54 p.m.7 views

USN-8128-1: CryptX vulnerabilities

It was discovered that CryptX did not verify authentication tags while performing GCM and ChaCha20-Poly1305 decryption. An attacker could possibly use this issue to cause CryptX to accept modified ciphertext, leading to data integrity violations or authentication bypass. This issue only affected...

9.8CVSS5.9AI score0.00538EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2026/03/26 3:2 p.m.1 views

CVE-2026-32313

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Prior to 3.1.5, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover...

8.2CVSS5.9AI score0.00052EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/26 3:0 p.m.2 views

CVE-2026-33512

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the API plugin exposes a decryptString action without any authentication. Anyone can submit ciphertext and receive plaintext. Ciphertext is issued publicly e.g., view/url2Embed.json.php, so any user can recover...

7.5CVSS5.7AI score0.00046EPSS
Exploits1References1
NVD
NVDadded 2026/03/23 7:16 p.m.0 views

CVE-2026-33512

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the API plugin exposes a decryptString action without any authentication. Anyone can submit ciphertext and receive plaintext. Ciphertext is issued publicly e.g., view/url2Embed.json.php, so any user can recover...

7.5CVSS0.00046EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/23 6:17 p.m.23 views

CVE-2026-33512 AVideo has an unauthenticated decrypt oracle leaking any ciphertext

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the API plugin exposes a decryptString action without any authentication. Anyone can submit ciphertext and receive plaintext. Ciphertext is issued publicly e.g., view/url2Embed.json.php, so any user can recover...

7.5CVSS0.00046EPSS
Exploits1References2
Rows per page
Query Builder