Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-55961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying...

8.2CVSS6AI score0.00095EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 6:16 p.m.7 views

CVE-2026-55961

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS0.00095EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:51 p.m.6 views

CVE-2026-55961

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 4:51 p.m.17 views

CVE-2026-55961

The CVE describes a flaw in wolfSSL where wolfSSL_PKCS7_verify() incorrectly reported success for a degenerate PKCS#7 object that contains no signer. In such objects, signerInfos is empty, so underlying signed-data verification could succeed without authenticating any content. The fix enforces th...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 4:51 p.m.20 views

CVE-2026-55961 wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS0.00095EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 4:51 p.m.6 views

EUVD-2026-39491

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References2
Rows per page
Query Builder