CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2026/04/01 12:0 a.m.•1 views

CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

9.1CVSS5.3AI score0.00204EPSS

RedhatCVE•added 2026/03/20 4:9 p.m.•4 views

CVE-2026-3230

A flaw was found in wolfSSL. A remote attacker could exploit a missing cryptographic step in the Transport Layer Security TLS 1.3 client HelloRetryRequest handshake logic. By sending a crafted HelloRetryRequest followed by a ServerHello message that omits the required keyshare extension, an...

2.7CVSS5.8AI score0.00209EPSS

Exploits0References2

EUVD•added 2026/03/19 9:30 p.m.•6 views

EUVD-2026-13209

Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required keyshare extension,...

2.1CVSS5.8AI score0.00209EPSS

Exploits0References2

CVE•added 2026/03/19 8:59 p.m.•9 views

CVE-2026-3230

wolfSSL’s TLS 1.3 client logic is affected by an improper key_share handling during HelloRetryRequest, allowing a crafted HelloRetryRequest followed by a ServerHello without the key_share extension to derive predictable traffic secrets from the (EC)DHE shared secret. Affected component: TLS hands...

2.7CVSS5.8AI score0.00209EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/03/19 12:0 a.m.•6 views

PT-2026-26366

2.1CVSS5.8AI score0.00209EPSS

Exploits0References4

Packet Storm News•added 2026/03/16 12:0 a.m.•1 views

Botan C++ Crypto Algorithms Library 3.11.0

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

5.8AI score

Github Security Blog•added 2026/02/25 7:17 p.m.•9 views

CIRCL has an incorrect calculation in secp384r1 CombinedMult

The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3...

9.8CVSS5.4AI score0.00397EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/02/24 7:58 a.m.•18 views

CVE-2026-1229 Incorrect calculation in CIRCL secp384r1 CombinedMult

6.3CVSS0.00397EPSS

Exploits0References1

Vulnrichment•added 2026/02/24 7:58 a.m.•5 views

CVE-2026-1229 Incorrect calculation in CIRCL secp384r1 CombinedMult

6.3CVSS5.3AI score0.00397EPSS

Exploits0References1

Oracle linux•added 2026/02/16 12:0 a.m.•12 views

openssl security update

1.0.2k-26.0.1fips - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 - Add EC keys pairwise consistency test Orabug: 32467059...

7.5CVSS6.5AI score0.0177EPSS

OSV•added 2026/02/12 10:12 p.m.•3 views

GHSA-435G-FCV3-8J26 Bug-Fixes in `libcrux-ecdh`, `libcrux-ed25519`, `libcrux-psq`

In accordance with our security policy for libcrux, we publish a GitHub security advisory for any releases whose CHANGELOG includes bug-fixes, and encourage our users to upgrade. The latest releases of the libcrux-ecdh, libcrux-ed25519 and libcrux-psq crates contain the following bug-fixes:...

5.5AI score

Exploits0References12

OSV•added 2026/02/04 12:0 p.m.•5 views

RUSTSEC-2026-0072 Missing Check for All-Zero X25519 Shared Secret

Computing an X25519 shared secret with x25519dalek::StaticSecret::diffiehellman does not include the check that the key exchange was contributory, i.e. does not ensure on its own that the resulting shared secret is non-zero. Impact RFC 9180 mandates that implementations of HPKE must check for all...

5.8AI score

Exploits0References3

NVD•added 2026/01/29 4:16 p.m.•7 views

CVE-2025-62514

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

8.3CVSS0.0026EPSS

Vulnrichment•added 2026/01/29 3:46 p.m.•6 views

CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519

Cvelist•added 2026/01/29 3:46 p.m.•29 views

CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519

8.3CVSS0.0026EPSS

ATTACKERKB•added 2026/01/29 3:46 p.m.•5 views

CVE-2025-62514

Exploits1References6Affected Software1

EUVD•added 2026/01/29 3:46 p.m.•5 views

EUVD-2025-206513

CVE•added 2026/01/29 3:46 p.m.•9 views

CVE-2025-62514

Parsec’s 3.x web component libparsec_crypto (RustCrypto backend) does not verify weak order points for Curve25519 in versions before 3.6.0. An attacker in a MITM could supply weak order points to both parties during Diffie-Hellman, increasing the chance that both ends derive the same shared key a...

Exploits1References5Affected Software1

OSV•added 2026/01/29 3:46 p.m.•6 views

CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519