CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm News•added 2026/06/09 12:0 a.m.•4 views

Certification of Network Quantum Sensing

The distribution of quantum sensors on quantum networks is a key enabler of quantum technologies in interferometry, gravimetry, timekeeping, biological monitoring, and beyond. Yet, guaranteeing the security of these distributed sensors over noisy, insecure networks remains a formidable challenge...

5.7AI score

Imperva Blog•added 2026/06/07 8:40 a.m.•20 views

The Clock Is Already Ticking: Why Post-Quantum Cryptography Can’t Wait

There is a question I have been hearing more and more from CISOs, compliance officers, and security architects over the past year. It does not start with "we had a breach" or "we failed an audit." It starts with something that sounds almost philosophical: " Are we quantum-safe?" A year ago, that...

5.6AI score

Packet Storm News•added 2026/06/05 12:0 a.m.•4 views

Empirical Evaluation of Large Language Models for Migration of Code Fragments to Post-Quantum Cryptography

The transition to post-quantum cryptography PQC requires not only replacing vulnerable cryptographic primitives, but also refactoring the surrounding software logic. While existing PQC migration frameworks provide organizational guidance, practical code-level remediation remains largely manual an...

5.6AI score

Tenable Nessus•added 2026/06/02 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has...

5.3CVSS5.8AI score0.00304EPSS

EUVD•added 2026/05/29 6:8 p.m.•10 views

EUVD-2026-33413

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

5.3CVSS5.8AI score0.00304EPSS

EUVD•added 2026/05/29 6:7 p.m.•10 views

EUVD-2026-33412

5.3CVSS5.8AI score0.00304EPSS

Wiz blog•added 2026/05/28 1:34 p.m.•8 views

State of Post Quantum Cryptography

Discussion of PQC relevant statistics that we see across our customers and other data sources...

5.8AI score

Github Security Blog•added 2026/05/15 6:13 p.m.•12 views

arnika is affected by medium-severity issues in UDP rotation, PQC handling, and KMS TLS

Summary Three medium-severity issues in arnika affecting the UDP key-rotation protocol, PQC key file handling, and KMS TLS client. All require specific preconditions to exploit and do not allow direct code execution or immediate key extraction. A self-contained PoC is attached. Details 1 ACK...

6.1AI score

Exploits0References4Affected Software1

vulnersOsv•added 2026/04/27 10:15 a.m.•4 views

org.apache.camel.springboot:camel-pqc-starter (=4.19.0) potentially affected by CVE-2026-40048 via org.apache.camel:camel-pqc (=4.19.0)

org.apache.camel:camel-pqc MAVEN version =4.19.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-pqc and may be impacted: - org.apache.camel.springboot:camel-pqc-starter =4.19.0 Source cves: CVE-2026-40048 Source advisory:...

7.8CVSS5.8AI score0.00325EPSS

Packet Storm News•added 2026/04/27 12:0 a.m.•4 views

Machine-Checked Cardinality Bounds for Masked Barrett Reduction: A 1-Bit Side-Channel Leakage Barrier in Post-Quantum Cryptographic Hardware

Barrett reduction is the nonlinear core of every practical NTT-based post-quantum cryptography implementation. Existing composition frameworks ISW, t-SNI, PINI, DOM address Boolean masking over GF2; none provides a machine-checked characterization of Barrett's leakage under first-order arithmetic...

5.3AI score

Packet Storm News•added 2026/04/14 12:0 a.m.•3 views

Quantum-Safe IPsec in the Banking Industry

The emergence of Cryptographically Relevant Quantum Computers CRQCs presents a critical threat to classical cryptographic systems, particularly widely adopted protocols such as RSA, Diffie-Hellman DH, and Elliptic Curve Cryptography ECC. Given their extensive use in the financial sector, the adve...

5.8AI score

Snyk•added 2026/04/10 1:0 a.m.•5 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the error handling path of the TLSXKeyShareProcessPqcHybridClient process. An attacker can cause memory corruption or potentially execute arbitrary code by triggering an error during post-quantum cryptography hybrid...

6.5CVSS6.2AI score0.00275EPSS

NVD•added 2026/04/10 12:16 a.m.•7 views

CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.5CVSS0.00275EPSS

OSV•added 2026/04/10 12:16 a.m.•2 views

DEBIAN-CVE-2026-5460

6.5CVSS5.4AI score0.00275EPSS

UbuntuCve•added 2026/04/10 12:0 a.m.•0 views

CVE-2026-5460

6.5CVSS5.8AI score0.00275EPSS

CNNVD•added 2026/04/10 12:0 a.m.•4 views

wolfSSL（CyaSSL）安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US company wolfSSL, designed for developers working with embedded systems. wolfSSL CyaSSL contains a security vulnerability that stems from the handling of mixed key sharing in TLS 1.3 and post-quantum...

6.5CVSS5.8AI score0.00275EPSS

Cvelist•added 2026/04/09 11:29 p.m.•28 views

CVE-2026-5460 Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3

6.3CVSS0.00275EPSS

ATTACKERKB•added 2026/04/09 11:29 p.m.•4 views

CVE-2026-5460

6.3CVSS5.9AI score0.00275EPSS