
34 matches found

Tenable Nessus
added 3 days ago · 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-6330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2...

CVSS 6.5 · AI score 5.9 · EPSS 0.0013
Exploits: 0 · References: 3

CVE
added 2026/06/25 9:01 p.m. · 10 views

CVE-2026-6330

CVE-2026-6330: In ML-KEM targeting ARM64 NEON, the ciphertext comparison only checks half of the input. This breaks the Fujisaki-Okamoto transform's implicit rejection, weakening IND-CCA2 security on that path. The constant-time comparison thus ignores part of the re-encrypted ciphertext, allowi...

CVSS 6.5 · AI score 5.9 · EPSS 0.0013
Exploits: 0 · References: 2 · Affected software: 1

CVE
added 2026/06/25 7:59 p.m. · 10 views

CVE-2026-10097

Summary: CVE-2026-10097 affects wolfSSL's ML-KEM-1024 x64 AVX2 implementation. The Fujisaki-Okamoto decapsulation path performs an incomplete ciphertext check, failing to compare the final portion of the 1568-byte ciphertext. As a result, ciphertexts manipulated in those final bytes can bypass im...

CVSS 8.3 · AI score 5.8 · EPSS 0.00161
Exploits: 0 · References: 2 · Affected software: 1

Cvelist
added 2026/06/25 7:59 p.m. · 31 views

CVE-2026-10097 ML-KEM-1024 x64 AVX2 incomplete ciphertext comparison enables IND-CCA2 break and static private-key recovery

wolfSSL's AVX2-optimized ML-KEM implementation mlkem_cmp_avx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

CVSS 8.3 · EPSS 0.00161
Exploits: 0 · References: 2

ATTACKERKB
added 2026/06/25 7:59 p.m. · 6 views

CVE-2026-10097

wolfSSL's AVX2-optimized ML-KEM implementation mlkem_cmp_avx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

CVSS 8.3 · AI score 5.8 · EPSS 0.00161
Exploits: 0 · References: 3 · Affected software: 1

Positive Technologies
added 2026/06/25 12:00 a.m. · 9 views

PT-2026-52560

Name of the vulnerable software and affected versions: wolfSSL (affected versions not specified). Description: The AVX2-optimized ML-KEM implementation contains a logic error in the mlkem_cmp_avx2 function during the Fujisaki-Okamoto transform. In ML-KEM-1024 decapsulation, the constant-time ciphertex...

CVSS 8.3 · AI score 5.8 · EPSS 0.00161
Exploits: 0 · References: 6

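The wolfSSL entries (CVE-2026-10097) and the ARM64 NEON entry (CVE-2026-6330) above describe one failure mode: the final comparison in ML-KEM.Decaps covers fewer bytes than the ciphertext, so a ciphertext that differs from the re-encryption only in the uncompared tail is not implicitly rejected. The C example below is added here to illustrate that last step of decapsulation; it is not wolfSSL code and contains no ML-KEM arithmetic. The re-encrypted ciphertext ct', the keys K and K_bar, and the tampered byte positions are constructed filler, and the compare_len parameter is an assumption of the example used to model both the 1536-of-1568 check and the half-length check.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CT_BYTES  1568   /* ML-KEM-1024 ciphertext length (FIPS 203) */
#define KEY_BYTES 32     /* shared-secret length */

/* Constant-time comparison over exactly `len` bytes.
 * Returns 0 when a and b are equal, 1 otherwise, with no data-dependent branch. */
static uint8_t ct_verify(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= (uint8_t)(a[i] ^ b[i]);
    /* nonzero -> 1, zero -> 0 via the sign bit of the negation */
    return (uint8_t)((-(uint64_t)acc) >> 63);
}

/* Constant-time select: out = fail ? kbar : k */
static void ct_cmov_key(uint8_t *out, const uint8_t *k, const uint8_t *kbar, uint8_t fail)
{
    uint8_t mask = (uint8_t)(0u - fail);   /* 0x00 or 0xFF */
    for (size_t i = 0; i < KEY_BYTES; i++)
        out[i] = (uint8_t)(k[i] ^ (mask & (k[i] ^ kbar[i])));
}

/* Final step of ML-KEM.Decaps: compare the received ciphertext with the
 * re-encryption ct' and emit K on match or the implicit-rejection key K_bar
 * on mismatch. `compare_len` models how many bytes the comparison covers;
 * a correct implementation passes CT_BYTES. */
static void decaps_finish(uint8_t *out,
                          const uint8_t *ct_received, const uint8_t *ct_reencrypted,
                          const uint8_t *k, const uint8_t *kbar, size_t compare_len)
{
    uint8_t fail = ct_verify(ct_received, ct_reencrypted, compare_len);
    ct_cmov_key(out, k, kbar, fail);
}

/* Returns 1 if a ciphertext that differs from ct' only at `tamper_index`
 * is accepted (K emitted), 0 if it is implicitly rejected (K_bar emitted). */
int tampered_ciphertext_accepted(size_t tamper_index, size_t compare_len)
{
    uint8_t ct_prime[CT_BYTES], ct[CT_BYTES];
    uint8_t k[KEY_BYTES], kbar[KEY_BYTES], out[KEY_BYTES];

    /* constructed stand-ins, not real ML-KEM output */
    for (size_t i = 0; i < CT_BYTES; i++)
        ct_prime[i] = (uint8_t)(i * 31u + 7u);
    for (size_t i = 0; i < KEY_BYTES; i++) {
        k[i]    = (uint8_t)i;
        kbar[i] = (uint8_t)(0xA5u ^ i);
    }

    memcpy(ct, ct_prime, CT_BYTES);
    ct[tamper_index] ^= 0x01;              /* single-bit change in the tail or head */

    decaps_finish(out, ct, ct_prime, k, kbar, compare_len);
    return memcmp(out, k, KEY_BYTES) == 0;
}

int main(void)
{
    printf("tamper byte 1560, compare 1536 bytes: accepted=%d (bug)\n",
           tampered_ciphertext_accepted(1560, 1536));
    printf("tamper byte 1560, compare 1568 bytes: accepted=%d (correct)\n",
           tampered_ciphertext_accepted(1560, CT_BYTES));
    printf("tamper byte 1000, compare half (%d): accepted=%d (bug)\n",
           CT_BYTES / 2, tampered_ciphertext_accepted(1000, CT_BYTES / 2));
    return 0;
}
```

With compare_len shortened, every byte past the compared prefix is a free variable for the attacker: the decapsulation emits the real shared secret for ciphertexts the FO transform should have rejected, which is exactly the condition the IND-CCA2 argument relies on never occurring. The check to add in a test suite is the full-length comparison with a tamper at the last byte.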
RustSec
added 2026/06/04 12:00 p.m. · 14 views

`pqcrypto-mlkem` is unmaintained: upstream PQClean project being archived

This crate provides Rust bindings to ML-KEM (FIPS 203) via C implementations from PQClean. The PQClean project is being archived in or after July 2026 (see PQClean/PQClean#604), after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...

AI score 5.8
Exploits: 0

Positive Technologies
added 2026/06/04 12:00 a.m. · 8 views

PT-2026-49125

The pqcrypto crate and the entire pqcrypto-* ecosystem wrap C implementations from PQClean. The PQClean project is being archived in or after July 2026 (see PQClean/PQClean#604), after which no further security patches, algorithm updates, or bug fixes will be applied to the upstream implementations. ...

AI score 5.3
Exploits: 0 · References: 4

vulnersOsv
added 2026/03/04 12:00 p.m. · 15 views

libcrux-digest (>=0.0.4 <=0.0.7-rc.1), libcrux-kem (>=0.0.2 <=0.0.2-beta.3) +7 more potentially affected by unknown CVE via libcrux-sha3 (>=0.0.2-beta.3 <=0.0.8-rc.1)

libcrux-sha3 (Cargo) versions 0.0.2-beta.3, 0.0.4, 0.0.2, 0.0.3, 0.0.2-alpha.1, 0.0.2-alpha.3; libcrux-psq 0.0.2-beta.3; pqc-combo 0.1.0; pqc-fips 0.0.3; pqc-nostd 0.1.0; wpa-next 0.1.0. Source CVEs: unknown CVE. Source advisory: OSV:RUSTSEC-2026-0074...

AI score 5.8
Exploits: 0

OSV
added 2025/12/04 5:24 p.m. · 11 views

GHSA-2CGV-28VR-RV6J libcrux incorrectly calculates on aarch64

On platforms without the core::arch::aarch64::vxarq_u64 intrinsic, an unverified fallback in libcrux-intrinsics v0.0.3 passed incorrect arguments and produced wrong results. This corrupted SHA-3 digests and caused libcrux-ml-kem and libcrux-ml-dsa to sample incorrectly, yielding incorrect shared...

CVSS 8.8 · AI score 5.8
Exploits: 0 · References: 5

OSV
added 2025/12/04 12:00 p.m. · 6 views

RUSTSEC-2025-0133 Incorrect calculation on aarch64

On platforms without the core::arch::aarch64::vxarq_u64 intrinsic, an unverified fallback in libcrux-intrinsics v0.0.3 passed incorrect arguments and produced wrong results. This corrupted SHA-3 digests and caused libcrux-ml-kem and libcrux-ml-dsa to sample incorrectly, yielding incorrect shared...

AI score 5.8
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:07 p.m. · 6 views

EUVD-2024-36062

Malicious code in bioql (PyPI)...

CVSS 7.5 · AI score 5.9 · EPSS 0.00515
Exploits: 0 · References: 4

RedhatCVE
added 2025/05/23 8:40 a.m. · 8 views

CVE-2024-37880

The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with some common optimization options, has a timing side channel that allows attackers to recover an ML-KEM-512 secret key in minutes. This occurs because poly_frommsg in poly.c does not prevent Clang from...

CVSS 7.5 · AI score 6.8 · EPSS 0.00696
Exploits: 1 · References: 1

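The CVE-2024-37880 description above is cut off on the page, but the point it makes is that the side channel is introduced by the compiler in code that contains no visible branch: poly_frommsg turns each message bit into a 0/-1 mask and ANDs it with a constant, a pattern an optimizer may lower to a conditional jump. The C block below is an added example, not the Kyber reference implementation or its patch; it shows the mask-arithmetic expansion together with an inline-asm value barrier, the general constant-time idiom for stopping the optimizer from reasoning about the mask's two possible values. value_barrier_i16, poly_frommsg_hardened and the sample message are names and data of this example only.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define KYBER_Q   3329
#define KYBER_N   256
#define MSG_BYTES 32

typedef struct { int16_t coeffs[KYBER_N]; } poly;

/* Compiler value barrier. The empty asm claims to read and write `v`, so the
 * optimizer can no longer prove that `v` is only ever 0 or -1 and rewrite a
 * following `mask & c` into a branch on the secret bit. General idiom (assumed
 * here), not the text of the upstream fix. */
static inline int16_t value_barrier_i16(int16_t v)
{
#if defined(__GNUC__) || defined(__clang__)
    __asm__ volatile("" : "+r"(v));
#endif
    return v;
}

/* Expand a 32-byte message into a polynomial: coefficient (q+1)/2 where the
 * message bit is 1, 0 where it is 0, with no secret-dependent branch. */
void poly_frommsg_hardened(poly *r, const uint8_t msg[MSG_BYTES])
{
    for (size_t i = 0; i < KYBER_N / 8; i++) {
        for (size_t j = 0; j < 8; j++) {
            int16_t mask = (int16_t)(-(int16_t)((msg[i] >> j) & 1));  /* 0 or -1 */
            mask = value_barrier_i16(mask);
            r->coeffs[8 * i + j] = (int16_t)(mask & ((KYBER_Q + 1) / 2));
        }
    }
}

/* Functional self-check: compares the hardened expansion against the obvious
 * branching definition. The branching form is for verification only; the
 * timing property itself has to be checked on the emitted assembly, not here. */
int poly_frommsg_matches_spec(const uint8_t msg[MSG_BYTES])
{
    poly p;
    poly_frommsg_hardened(&p, msg);
    for (size_t i = 0; i < KYBER_N; i++) {
        int bit = (msg[i / 8] >> (i % 8)) & 1;
        int16_t expected = bit ? (int16_t)((KYBER_Q + 1) / 2) : 0;
        if (p.coeffs[i] != expected)
            return 0;
    }
    return 1;
}

/* Runs the self-check on a constructed message with mixed bit patterns. */
int poly_frommsg_selftest(void)
{
    uint8_t msg[MSG_BYTES];
    for (size_t i = 0; i < MSG_BYTES; i++)
        msg[i] = (uint8_t)(0x5Au ^ (i * 37u));   /* constructed sample, not real data */
    return poly_frommsg_matches_spec(msg);
}

int main(void)
{
    printf("poly_frommsg self-check: %s\n", poly_frommsg_selftest() ? "ok" : "MISMATCH");
    return 0;
}
```

A functional test like this cannot detect the bug the CVE describes, since the branching and branch-free lowerings compute the same values; what catches it is inspecting the generated assembly (objdump, or a tool that flags secret-dependent jumps) for a conditional branch inside the inner loop. The barrier is the mitigation; the disassembly check is how you confirm the compiler honoured it.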
Tenable Nessus
added 2025/01/04 12:00 a.m. · 11 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : liboqs, oqs-provider (SUSE-SU-2025:0005-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0005-1 advisory. This update supplies the new FIPS-standardized ML-KEM, ML-DSA and SLH-DSA algorithms. This update...

CVSS 8.2 · AI score 7.5 · EPSS 0.00515
Exploits: 0 · References: 10

OSV
added 2025/01/02 8:01 a.m. · 6 views

SUSE-SU-2025:0005-1 Security update for liboqs, oqs-provider

This update for liboqs, oqs-provider fixes the following issues: This update supplies the new FIPS-standardized ML-KEM, ML-DSA and SLH-DSA algorithms. This updates liboqs to 0.12.0: - This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST...

CVSS 8.2 · AI score 7.4 · EPSS 0.00515
Exploits: 0 · References: 7

OSV
added 2024/10/24 12:00 p.m. · 14 views

RUSTSEC-2024-0381 Replaced by `pqcrypto-mlkem`

This crate has been replaced by pqcrypto-mlkem, which provides a FIPS 203-compatible implementation of ML-KEM...

AI score 7.1
Exploits: 0 · References: 2

Filippo.io
added 2024/10/09 9:50 a.m. · 10 views

Accumulated Test Vectors

I like tests. I especially like reusable test vector libraries. Sometimes test vectors are lovingly handcrafted to target obscure edge-cases. Those vectors belong in Wycheproof or with the upstream specification. Sometimes though vectors are produced by sheer brute force. Enumerate every possible...

AI score 7.3
Exploits: 0

The Hacker News
added 2024/09/17 12:22 p.m. · 64 views

Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

Google has announced that it will be switching from Kyber to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum computers (CRQCs). "Chrome will offer a key share prediction for hybrid ML-KEM (codepoint 0x11EC)," David...

CVSS 4.2 · AI score 7 · EPSS 0.00329
Exploits: 0

Schneier on Security
added 2024/09/12 3:42 p.m. · 13 views

Microsoft Is Adding New Cryptography Algorithms

Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft's details are here. From a news article: The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum...

AI score 7.3
Exploits: 0

Filippo.io
added 2024/08/21 2:47 p.m. · 15 views

Let's All Agree to Use Seeds as ML-KEM Keys

Last week, NIST published the final version of the ML-KEM specification, FIPS 203. One change from the draft is that the final document explicitly allows storing the private decapsulation key as a seed. This is a plea to the cryptography engineering community: let's all agree to only use seeds a...

AI score 7.3
Exploits: 0