CVE-2026-5588

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft CompositeVerifier implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially...

EUVD-2026-19482

A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires ...

CVE-2026-2618

A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is possible to be carried out remotely. The attack is considered to have high complexity. The...

CVE-2026-2618

Beetel 777VR1 SSH Service is affected. Across connected sources, the vulnerability impacts Beetel 777VR1 versions prior to 01.00.10, stemming from the SSH Service component and involving the use of risky cryptographic algorithms. This vulnerability is described as remotely exploitable with high a...

PT-2026-20336

Name of the Vulnerable Software and Affected Versions Beetel 777VR1 versions prior to 01.00.10 Description A security issue exists in the SSH Service component of Beetel 777VR1. The issue involves the use of risky cryptographic algorithms and is potentially exploitable remotely. The exploitabilit...

CVE-2025-54340

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm...

CVE-2025-46424

Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service...

CVE-2025-9828

A vulnerability was determined in Tenda CP6 11.10.00.243. The affected element is the function sub2B7D04 of the component uhttp. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. This attack is characterized by high complexity. The exploitabili...

Use Of A Broken Or Risky Cryptographic Algorithm

github.com/beego/beego is vulnerable to Use of a Broken or Risky Cryptographic Algorithm. The vulnerability is due to the use of MD5 as a hashing algorithm, which allows two different inputs to produce the same hash value...

CVE-2022-4610

A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this...

PT-2021-23641 · Max Mazurov · Maddy

Name of the Vulnerable Software and Affected Versions: Max Mazurov Maddy versions prior to 0.5.2 Description: The issue concerns the use of a broken or risky cryptographic algorithm, which poses an unnecessary risk that may result in the exposure of sensitive information. Recommendations: For...

Use of a Broken or Risky Cryptographic Algorithm

✍️ Description The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are...