51 matches found
MINI-523C-98Q3-CCX7
Bulletin has no description...
CVE-2026-48524
A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. A remote attacker can exploit this vulnerability by sending specially crafted JWTs with unknown 'kid' (key ID) values. This can force the PyJWKClient.get_signing_key function to make an unlimited number of unrate-limit...
PT-2026-44940
Name of the Vulnerable Software and Affected Versions: liboqs versions prior to 0.16.0. Description: An out-of-bounds read exists in the XMSS and XMSS^MT stateful signature verification code. This occurs when the verification function is called with a signature buffer sized for the declared algorith...
PYSEC-0000-CVE-2026-48524
PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.get_signing_key forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...
PT-2026-44396
Name of the Vulnerable Software and Affected Versions: PyJWT versions prior to 2.13.0. Description: PyJWT is a JSON Web Token implementation in Python. The get_signing_key function in PyJWKClient forces a new HTTP request to the JWKS endpoint for every JWT containing an unknown kid value, without...
JLSEC-2026-276
Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...
CVE-2026-5447
A flaw was found in wolfSSL. A heap buffer overflow, a type of memory corruption vulnerability, occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension. A remote attacker could exploit this flaw to cause a low integrity impact...
EUVD-2026-21183
Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension...
CVE-2026-5447
Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension...
UBUNTU-CVE-2026-5447
Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension...
CVE-2026-5447
CVE-2026-5447 is a heap buffer overflow in CertFromX509 due to AuthorityKeyIdentifier size confusion when converting X.509 certs, reported across multiple advisories (wolfSSL-related). Root cause: incorrect size handling of AuthorityKeyIdentifier during internal certificate processing. Documented...
CVE-2026-5447 Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier
Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension...
PT-2026-31737
Name of the Vulnerable Software and Affected Versions: CertFromX509, affected versions not specified. Description: A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension. Recommendations: At the moment, there...
SUSE CVE-2026-31789
Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...
CVE-2026-34580
A flaw was found in Botan, a C++ cryptography library. Due to a misleading function name and an assumption in path validation logic, an end entity certificate could be incorrectly accepted as a trusted root. This occurs when the end entity certificate's Distinguished Name (DN) and Subject Key...