2 matches found
CVE-2026-9058
Szafir SDK returns a success status code from the cryptographic digital signature verification process i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified" even when the trust status of the signer's certificate could not be established i.e...
CVE-2026-9058
The Szafir SDK is affected by an improper certificate verification issue where the verification process returns success (Result/@code == 0) even when the signer certificate trust status is nondetermined. This leads consuming applications to treat signatures as valid despite an unverified certific...