Lucene search
K

166 matches found

OSV
OSV
added 2026/07/07 4:3 p.m.8 views

PYSEC-2026-1448 libsodium has Incomplete List of Disallowed Inputs

libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. This advisoory...

4.5CVSS6AI score0.00166EPSS
Exploits0References16
NVD
NVD
added 2026/06/25 4:16 p.m.6 views

CVE-2026-57452

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS0.0012EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 3:27 p.m.37 views

CVE-2026-57452

Vim (affected: Vim 9.2.x prior to 9.2.0671) is vulnerable when opening files encrypted with VimCrypt~04!/VimCrypt~05! using the libsodium secretstream path, where an unsigned length underflow for bodies shorter than a secretstream header causes a decryption call to read past the input buffer, cra...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/25 3:27 p.m.8 views

CVE-2026-57452

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 3:27 p.m.47 views

CVE-2026-57452 Vim: Out-of-bounds Read with libsodium-encrypted Files

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS0.0012EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.16 views

PT-2026-52477

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0671 Description When opening a file encrypted using the VimCrypt04! or VimCrypt05! methods which utilize xchacha20poly1305 and require the +sodium feature, an unsigned length calculation underflows if the file body i...

7.8CVSS5.7AI score0.00137EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.13.1 : libsodium (EulerOS-SA-2026-2136)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.6AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.10.1 : libsodium (EulerOS-SA-2026-2026)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.5AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.10.0 : libsodium (EulerOS-SA-2026-2053)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.5AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.13.0 : libsodium (EulerOS-SA-2026-2175)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.6AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.7 views

SUSE SLES16 Security Update : python-PyNaCl (SUSE-SU-2026:21431-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:21431-1 advisory. Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

4.5CVSS5.8AI score0.00166EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 5:56 p.m.6 views

Security Bulletin:libsodium vulnerability: invalid elliptic curve point validation in crypto_core_ed25519_is_valid_point

Summary libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...

4.5CVSS5.9AI score0.00166EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

openSUSE 16 Security Update : python-PyNaCl (openSUSE-SU-2026:20650-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20650-1 advisory. Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

4.5CVSS5.8AI score0.00166EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

openSUSE 16 Security Update : libsodium (openSUSE-SU-2026:20642-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20642-1 advisory. Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect...

9.8CVSS5.9AI score0.00228EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/30 12:0 a.m.5 views

Security update for python-PyNaCl (moderate)

openSUSE security update: security update for python-pynacl ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20650-1 Rating: moderate References: bsc1161557 bsc1199282 bsc1255764 Cross-References: CVE-2025-69277 CVSS scores: CVE-2025-69277 SUSE : 4.4...

4.8CVSS6.1AI score0.00166EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/30 12:0 a.m.7 views

Security update for libsodium (moderate)

openSUSE security update: security update for libsodium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20642-1 Rating: moderate References: bsc1255764 bsc1256070 Cross-References: CVE-2025-15444 CVE-2025-69277 CVSS scores: CVE-2025-15444 SUSE : 6.8...

6.8CVSS5.5AI score0.00228EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 2:17 p.m.3 views

OPENSUSE-SU-2026:20650-1 Security update for python-PyNaCl

This update for python-PyNaCl fixes the following issues: Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint function bsc1255764. Other fixes: - update to 1.6.2 bsc1255764, CVE-2025-69277:...

4.5CVSS5.9AI score0.00166EPSS
Exploits0References4
OSV
OSV
added 2026/04/29 2:15 p.m.10 views

SUSE-SU-2026:21431-1 Security update for python-PyNaCl

This update for python-PyNaCl fixes the following issues: Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint function bsc1255764. Other fixes: - update to 1.6.2 bsc1255764, CVE-2025-69277:...

4.5CVSS5.9AI score0.00166EPSS
Exploits0References5
OSV
OSV
added 2026/04/28 3:28 p.m.3 views

SUSE-SU-2026:21422-1 Security update for libsodium

This update for libsodium fixes the following issues: Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

9.8CVSS5.9AI score0.00228EPSS
Exploits0References5
OSV
OSV
added 2026/04/28 3:28 p.m.3 views

SUSE-SU-2026:21393-1 Security update for libsodium

This update for libsodium fixes the following issues: Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

9.8CVSS5.9AI score0.00228EPSS
Exploits0References5
Rows per page
Query Builder