5907 matches found

CNNVD
added 2026/04/01 12:0 a.m., 4 views

MEPIS RM Security Vulnerability

MEPIS RM is a management platform developed by the Slovenian company MEPIS, used for centralized monitoring and remote control of devices. There is a security vulnerability in MEPIS RM, which stems from the hardcoded encryption key present in the Mx.Web.ComponentModel.dll component. This...

CVSS 6.7, AI score 5.8, EPSS 0.0016
Exploits: 0, References: 1
Positive Technologies
added 2026/04/01 12:0 a.m., 4 views

PT-2026-29590

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

CVSS 5.1, AI score 5.9, EPSS 0.0027
Exploits: 0, References: 5
CNNVD
added 2026/04/01 12:0 a.m., 4 views

Mbed TLS Security Vulnerability

Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed TLS. Mbed TLS versions 4.0.0 and earlier, as well as TF-PSA-Crypto versions 1.0.0 and earlier, have security vulnerabilities. These vulnerabilities stem from compiler-induced timing side...

CVSS 5.1, AI score 5.8, EPSS 0.0027
Exploits: 0, References: 4
Positive Technologies
added 2026/04/01 12:0 a.m., 5 views

PT-2026-29615

CVE-2025-13916 IBM Aspera Shares 1.9.9 through 1.11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information https://t.co/9yjkajA2Sp...

CVSS 5.9, AI score 5.9, EPSS 0.00203
Exploits: 0, References: 3
CVE
added 2026/04/01 12:0 a.m., 20 views

CVE-2025-66442

CVE-2025-66442 affects Mbed TLS up to 4.0.0 and TF-PSA-Crypto up to 1.0.0. The issue is a compiler-induced timing side channel in RSA and CBC/ECB decryption that occurs specifically with LLVM’s select-optimize feature. The CVSSv3.1 metrics describe a local attack with high complexity, no privileg...

CVSS 5.1, AI score 5.9, EPSS 0.0027
Exploits: 0, References: 4, Affected Software: 2
Snyk
added 2026/04/01 12:0 a.m., 1 view

Covert Timing Channel

Overview: Affected versions of this package are vulnerable to Covert Timing Channel via timing differences in RSA and CBC/ECB decryption operations when the LLVM compiler's select-optimize feature is enabled. An attacker can infer sensitive information, such as cryptographic keys, by analyzing the...

CVSS 5.9, AI score 5.8, EPSS 0.0027
Exploits: 0, References: 2
Tenable Nessus
added 2026/04/01 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-32877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3...

CVSS 8.2, AI score 5.8, EPSS 0.00278
Exploits: 0, References: 3
Debian CVE
added 2026/04/01 12:0 a.m., 2 views

CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

CVSS 5.1, AI score 5.2, EPSS 0.0027
Exploits: 0
Snyk
added 2026/03/30 10:36 p.m., 2 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the SM2 decryption process due to improper validation of the encoded C3 hash field length prior to comparison. An attacker can cause a heap buffer over-read, potentially leading to a crash or other undefined...

CVSS 8.8, AI score 6, EPSS 0.00278
Exploits: 0, References: 2
NVD
added 2026/03/30 9:17 p.m., 3 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, EPSS 0.00278
Exploits: 0, References: 1
OSV
added 2026/03/30 9:17 p.m., 3 views

DEBIAN-CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.4, EPSS 0.00278
Exploits: 0, References: 1
UbuntuCve
added 2026/03/30 9:17 p.m., 3 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.8, EPSS 0.00278
Exploits: 0, References: 2
OSV
added 2026/03/30 9:17 p.m., 3 views

UBUNTU-CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.7, EPSS 0.00278
Exploits: 0, References: 3
ATTACKERKB
added 2026/03/30 8:36 p.m., 1 view

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.8, EPSS 0.00278
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2026/03/30 8:36 p.m., 21 views

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, EPSS 0.00278
Exploits: 0, References: 1
Vulnrichment
added 2026/03/30 8:36 p.m., 1 view

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.8, EPSS 0.00278
Exploits: 0, References: 1
EUVD
added 2026/03/30 8:36 p.m., 6 views

EUVD-2026-17210

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.8, EPSS 0.00278
Exploits: 0, References: 1
OSV
added 2026/03/30 8:36 p.m., 4 views

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.8, EPSS 0.00278
Exploits: 0, References: 3
Debian CVE
added 2026/03/30 8:36 p.m., 6 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.3, EPSS 0.00278
Exploits: 0
AlpineLinux
added 2026/03/30 8:36 p.m., 2 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.7, EPSS 0.00278
Exploits: 0, References: 1