
614 matches found

Cvelist
added 2026/04/10 3:7 a.m., 35 views

CVE-2026-5501 Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates

wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints CA:FALSE that is legitimately signed by a trusted root. An attacker who obtains any leaf...

CVSS 8.6, EPSS 0.00184
Exploits 0, References 1
ATTACKERKB
added 2026/04/10 3:7 a.m., 1 views

CVE-2026-5501

wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints CA:FALSE that is legitimately signed by a trusted root. An attacker who obtains any leaf...

CVSS 8.6, AI score 6, EPSS 0.00184
Exploits 0, References 2
Positive Technologies
added 2026/04/10 12:0 a.m., 7 views

PT-2026-31865

Name of the Vulnerable Software and Affected Versions: wolfSSL versions prior to 5.9.1. Description: The wolfSSL X509 verify cert function within the OpenSSL compatibility layer does not properly check the signature of a certificate's leaf when an untrusted intermediate certificate with Basic...

CVSS 8.6, AI score 5.8, EPSS 0.00184
Exploits 0, References 5
Positive Technologies
added 2026/04/10 12:0 a.m., 8 views

PT-2026-31973

OpenClaw before 2026.3.22 fails to enforce controlScope restrictions on the send action, allowing leaf subagents to message controlled child sessions beyond their authorized scope. Attackers can exploit this by using the send action to communicate with child sessions without proper scope...

CVSS 5.3, AI score 5.8, EPSS 0.002
Exploits 0, References 5
CNNVD
added 2026/04/10 12:0 a.m., 10 views

wolfSSL Security Vulnerability

wolfSSL (CyaSSL) is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. There is a security vulnerability in wolfSSL. This vulnerability stems from the wolfSSL_X509_verify_cert function within the OpenSSL...

CVSS 8.6, AI score 5.9, EPSS 0.00184
Exploits 0, References 2
CNNVD
added 2026/04/10 12:0 a.m., 7 views

OpenClaw Security Vulnerability

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from the lack of enforcement of controlScope restrictions on sending operations, which could allow leaf agen...

CVSS 5.3, AI score 5.8, EPSS 0.002
Exploits 0, References 4
SUSE CVE
added 2026/04/09 11:26 p.m., 4 views

SUSE CVE-2026-33753

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw i...

CVSS 7.5, AI score 5.8, EPSS 0.00188
Exploits 1, References 3
CNNVD
added 2026/04/09 12:0 a.m., 9 views

wolfSSL (CyaSSL) Security Vulnerability

wolfSSL (CyaSSL) is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. wolfSSL (CyaSSL) contains security vulnerabilities; these vulnerabilities stem from the parsing of URI names during certificate chain...

CVSS 7, AI score 5.8, EPSS 0.00152
Exploits 0, References 1
NVD
added 2026/04/08 4:16 p.m., 7 views

CVE-2026-33753

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw i...

CVSS 7.5, EPSS 0.00188
Exploits 1, References 1
OSV
added 2026/04/08 3:0 p.m., 5 views

GHSA-3XXC-PWJ6-JGRJ rfc3161-client Has Improper Certificate Validation

Summary: An Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS7 bag of certificates, an attacker ca...

CVSS 6.2, AI score 5.8, EPSS 0.00188
Exploits 1, References 5
Github Security Blog
added 2026/04/08 3:0 p.m., 8 views

rfc3161-client Has Improper Certificate Validation

Summary: An Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS7 bag of certificates, an attacker ca...

CVSS 7.5, AI score 5.8, EPSS 0.00188
Exploits 1, References 5, Affected Software 1
Vulnrichment
added 2026/04/08 2:54 p.m., 6 views

CVE-2026-33753 Improper Certificate Validation in rfc3161-client

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw i...

CVSS 6.2, AI score 5.9, EPSS 0.00188
Exploits 1, References 1
ATTACKERKB
added 2026/04/08 2:54 p.m., 3 views

CVE-2026-33753

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw i...

CVSS 6.2, AI score 5.9, EPSS 0.00188
Exploits 1, References 2, Affected Software 1
Tenable Nessus
added 2026/04/08 12:0 a.m., 3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006693 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref BUG Syzbot reported several...

CVSS 5.5, AI score 5.8, EPSS 0.00133
Exploits 0, References 4
Positive Technologies
added 2026/04/08 12:0 a.m., 3 views

PT-2026-31325

Name of the Vulnerable Software and Affected Versions: rfc3161-client versions prior to 1.0.6. Description: An authorization bypass issue exists in rfc3161-client's signature verification. An attacker can impersonate a trusted TimeStamping Authority TSA by exploiting a flaw in how the library extrac...

CVSS 6.2, AI score 5.8, EPSS 0.00188
Exploits 1, References 11
RedhatCVE
added 2026/04/07 11:1 p.m., 4 views

CVE-2026-35199

SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...

CVSS 6.1, AI score 6.1, EPSS 0.00281
Exploits 0, References 1
Packet Storm News
added 2026/04/07 12:0 a.m., 3 views

Signature Placement in Post-Quantum TLS Certificate Hierarchies: An Experimental Study of ML-DSA and SLH-DSA in TLS 1.3 Authentication

Post-quantum migration in TLS 1.3 should not be understood as a flat substitution problem in which one signature algorithm is replaced by another and deployment cost is inferred directly from primitive-level benchmarks. In certificate-based authentication, the practical effect of a signature fami...

AI score 5.9
Exploits 0
NVD
added 2026/04/06 8:16 p.m., 5 views

CVE-2026-35199

SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...

CVSS 6.1, EPSS 0.00281
Exploits 0, References 1
ATTACKERKB
added 2026/04/06 7:44 p.m., 6 views

CVE-2026-35199

SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...

CVSS 6.1, AI score 6.1, EPSS 0.00281
Exploits 0, References 2, Affected Software 1
CVE
added 2026/04/06 7:44 p.m., 18 views

CVE-2026-35199

Summary: CVE-2026-35199 affects the SymCrypt XMSS^MT signing path in Windows. A 64-bit leaf-count is passed to a 32-bit parameter helper, causing silent truncation to zero for XMSS^MT parameter sets with total tree height ≥ 32. This leads to an undersized scratch buffer and a heap buffer overflow...

CVSS 6.1, AI score 6.1, EPSS 0.00281
Exploits 0, References 1, Affected Software 1