SUSE CVE-2026-44518

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a signature...

Linux Distros Unpatched Vulnerability : CVE-2026-46344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has...

Linux Distros Unpatched Vulnerability : CVE-2026-44518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has...

CVE-2026-46344

A flaw was found in liboqs, a C-language cryptographic library. An out-of-bounds read vulnerability exists in the XMSS and XMSS^MT stateful signature verification code. A remote attacker could exploit this by providing a specially crafted public key that causes the verification function to read...

CVE-2026-44518

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a signature...

CVE-2026-46344

CVE-2026-46344 pertains to the liboqs C library (post-quantum cryptography). Before v0.16.0, there is a heap/out-of-bounds risk in XMSS/XMSS^MT stateful signature verification when a public key’s OID points to a larger parameter set than the declared algorithm, causing xmss_sign_open / xmssmt_sig...

CVE-2026-44518

liboqs (C library for post-quantum crypto) exposes a buffer overread in XMSS/XMSS^MT stateful signature verification prior to 0.16.0. If verify is called with a signature shorter than the parameter’s sig_bytes, length isn't validated and the code reads past the end of the signature buffer. The ex...

CVE-2026-44518 liboqs: XMSS Buffer Overread Bug

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a signature...

liboqs 缓冲区错误漏洞

Liboqs is an open-source project under Open Quantum Safe, which is an open-source C library for quantum secure encryption algorithms. Versions of Liboqs prior to 0.16.0 contained a buffer error vulnerability. This vulnerability stems from out-of-bounds reads in the XMSS and XMSS^MT state signatur...

PT-2026-44940

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

EUVD-2024-29389

Malicious code in bioql PyPI...

EUVD-2025-16528

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-36405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identifi...

Linux Distros Unpatched Vulnerability : CVE-2025-52473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been...

Linux Distros Unpatched Vulnerability : CVE-2025-48946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. liboqs prior to version 0.13.0 supports the...

liboqs-devel-0.14.0-1.1 on GA media (moderate)

liboqs-devel-0.14.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15339-1 Rating: moderate Cross-References: CVE-2025-52473 CVSS scores: CVE-2025-52473 SUSE : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2025-52473 SUSE : 5.9...

SUSE CVE-2025-52473

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels...

OPENSUSE-SU-2025:15339-1 liboqs-devel-0.14.0-1.1 on GA media

These are all security issues fixed in the liboqs-devel-0.14.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-52473

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels...

CVE-2025-52473 liboqs secret-dependent branching in HQC reference implementation when compiled with Clang 17-20

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels...