Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2026/04/30 7:30 p.m.1 views

JLSEC-2026-373

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be...

6.3CVSS4.6AI score0.00007EPSS
Exploits1References5
Debian CVE
Debian CVEadded 2026/04/25 4:30 p.m.2 views

CVE-2026-6986

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be...

6.3CVSS4.1AI score0.00007EPSS
Exploits1
ATTACKERKB
ATTACKERKBadded 2026/04/25 4:30 p.m.1 views

CVE-2026-6986

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be...

6.3CVSS4.1AI score0.00007EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/04/25 4:30 p.m.28 views

CVE-2026-6986 Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be...

6.3CVSS0.00007EPSS
Exploits1References5
EUVD
EUVDadded 2026/04/25 4:30 p.m.1 views

EUVD-2026-25662

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be...

6.3CVSS4.5AI score0.00007EPSS
Exploits1References5
NVD
NVDadded 2025/06/03 11:15 p.m.8 views

CVE-2025-24015

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions 1.46.0 through 2.1.6 have an issue that affects AES-256-GCM and AES-128-GCM in Deno in which the authentication tag is not being validated. This means tampered ciphertexts or incorrect keys might not be detected, which breaks the...

8.7CVSS0.00173EPSS
Exploits1References4
OSV
OSVadded 2025/06/03 10:48 p.m.5 views

CVE-2025-24015 Deno's AES GCM authentication tags are not verified

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions 1.46.0 through 2.1.6 have an issue that affects AES-256-GCM and AES-128-GCM in Deno in which the authentication tag is not being validated. This means tampered ciphertexts or incorrect keys might not be detected, which breaks the...

8.7CVSS6.7AI score0.00173EPSS
Exploits1References6
CVE
CVEadded 2025/06/03 10:48 p.m.50 views

CVE-2025-24015

Deno (JavaScript/TypeScript/WebAssembly runtime) versions 1.46.0–2.1.6 suffer from a bug where AES-256-GCM and AES-128-GCM authentication tags are not validated, allowing tampered ciphertexts or incorrect keys to bypass integrity checks. The issue also affects AAD within GCM (set_aad), underminin...

8.7CVSS6.6AI score0.00173EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder