CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

122 matches found

OSV•added 2026/06/12 4:16 p.m.•4 views

UBUNTU-CVE-2026-9638

Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

7.5CVSS5.2AI score0.00305EPSS

Exploits0References6

Packet Storm News•added 2026/05/23 12:0 a.m.•11 views

AI-Driven Adaptive Adversaries and the Erosion of Cryptographic Trust in Public Key Systems

This paper examines the erosion of Public Key Cryptography PKC security under adaptive adversarial optimisation driven by artificial intelligence. The problem addressed is the growing mismatch between algorithm-centric cryptographic security models and operational attack realities, where...

5.8AI score

Exploits0

RedhatCVE•added 2026/05/18 5:31 p.m.•8 views

CVE-2026-8700

A flaw was found in perl-Crypt-DSA. This vulnerability occurs because the software generates cryptographic seeds using Perl's built-in rand function, which is predictable and unsuitable for security-sensitive operations. An attacker could potentially leverage this predictability to weaken the...

7.3CVSS5.7AI score0.00355EPSS

Exploits0References2

Positive Technologies•added 2026/03/05 12:0 a.m.•7 views

PT-2026-23125

Name of the Vulnerable Software and Affected Versions Net::NSCA::Client versions through 0.009002 Description Net::NSCA::Client for Perl utilizes an inadequate random number generator. Version 0.003 transitioned to using Data::Rand::Obscure instead of Crypt::Random for generating initialization...

9.1CVSS5.8AI score0.00409EPSS

Exploits0References9

OSV•added 2026/01/13 7:29 p.m.•6 views

CVE-2025-68704 Jervis has a Weak Random for Timing Attack Mitigation

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses java.util.Random which is not cryptographically secure for timing attack mitigation. This vulnerability is fixed in 2.2...

8.2CVSS6.7AI score0.00231EPSS

Exploits0References4

Positive Technologies•added 2026/01/13 12:0 a.m.•9 views

PT-2026-2497

8.2CVSS6.8AI score0.00231EPSS

Exploits0References4

Packet Storm News•added 2025/11/14 12:0 a.m.•7 views

The Jasmin Compiler Preserves Cryptographic Security

Jasmin is a programming and verification framework for developing efficient, formally verified, cryptographic implementations. A main component of the framework is the Jasmin compiler, which empowers programmers to write efficient implementations of state-of-the-art cryptographic primitives,...

6.8AI score

Exploits0