CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

PT-2026-47840

Name of the Vulnerable Software and Affected Versions OpenSSL FIPS modules versions 3.0, 3.4, 3.5, 3.6, and 4.0 Description When the EVP PKEY derive set peer function is called with a DHX X9.42 peer key, the software fails to properly verify subgroup membership. Specifically, the check Y^q ≡ 1 mo...

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

CVE-2026-45614 OP-TEE vulnerable to ECDH private key recovery

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of the ECDH shared secret paths, the public key isn't verified to be a point on the correct curve. By...

cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...

cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...

USN-8319-1: Libgcrypt vulnerabilities

It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...

CVE-2026-44053

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

CVE-2026-44053 Weak cryptography in DHCAST128 UAM

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

CVE-2026-44053

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

Astra Linux - уязвимость в openssl

Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the key or parameters are obtained from an untrusted source, this ca...

Astra Linux - уязвимость в nodejs

The generateKeys API function returned by crypto.createDiffieHellman only generates missing or outdated keys. In other words, it only generates a private key if none has been set yet. However, this function is also needed to compute the corresponding public key after calling setPrivateKey...

Astra Linux - уязвимость в openssl1.0

The Raccoon attack exploits a flaw in the TLS specification, which allows an attacker to calculate the pre-master secret in connections that use a Diffie-Hellman DH-based ciphersuite. In such cases, the attacker can eavesdrop on all encrypted communications sent over that TLS connection. The atta...

OESA-2026-2346 libgcrypt security update

Libgcrypt is a general purpose cryptographic library originally based on code from GnuPG. Security Fixes: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt.CVE-2026-41989...

CVE-2026-6923

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...

CVE-2026-6923 Nuvoton - CWE-1300: Improper Protection of Physical Side Channels

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...

PT-2026-40966

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...

Nuvoton NPCT7xx 安全漏洞

Nuvoton NPCT7xx is a series of TPM security controllers developed by Nuvoton Corporation in Taiwan, China, aimed at trusted computing and platform security management. Nuvoton NPCT7xx has security vulnerabilities, which stem from side-channel attacks and may lead to the extraction of elliptic cur...

libssh2: Fix of 2 CVEs

CVE-2019-13115: add bounds-checked stringbuf helpers and use them in diffiehellmansha1 to prevent out-of-bounds read on malformed KEX reply - CVE-2019-17498: harden bounds checks in SSHMSGDISCONNECT, SSHMSGDEBUG and SSHMSGGLOBALREQUEST handlers to prevent integer overflow / out-of-bounds read...