8 matches found
SUSE CVE-2026-28490
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning the implementation of the JSON Web Encryption (JWE) RSA1_5 key management algorithm. Authlib registe...
CVE-2026-28490
A flaw was found in Authlib, a Python library for building OAuth and OpenID Connect servers. This cryptographic padding oracle vulnerability, affecting the JSON Web Encryption (JWE) RSA1_5 key management algorithm, could allow a remote attacker to decrypt sensitive information. The vulnerability...
CVE-2026-28490 Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Padding Oracle
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning the implementation of the JSON Web Encryption (JWE) RSA1_5 key management algorithm. Authlib registe...
CVE-2026-28490
Authlib (Python) RSA1_5 JWE handling is vulnerable to Bleichenbacher padding oracle attacks. The issue stems from a length check in RSAAlgorithm.unwrap() that raises a distinct exception when padding is invalid, destroying the cryptographic Bleichenbacher mitigation provided by cryptography v46.0...
Authlib Cryptographic Issue Vulnerability
Authlib is an open-source library developed by Authlib, designed as the ultimate Python library for building OAuth and OpenID Connect servers. Versions of Authlib prior to 1.6.9 contained a security vulnerability related to encryption. This vulnerability stemmed from a cryptographic padding mechani...
PT-2026-25780
Name of the Vulnerable Software and Affected Versions: Authlib versions prior to 1.6.9. Description: Authlib, a Python library for building OAuth and OpenID Connect servers, contains a cryptographic padding oracle vulnerability in the implementation of the JSON Web Encryption (JWE) RSA1_5 key manageme...
GHSA-JGVC-JFGH-RJVV Chosen Ciphertext Attack in Jose4j
Summary: RSA1_5 in jose4j is susceptible to chosen ciphertext attacks. The attack allows an attacker to decrypt RSA1_5 or RSA-OAEP encrypted ciphertexts. It may be feasible to sign with affected keys. Severity: Moderate - exploiting this ciphertext attack could result in the ability to decrypt RSA1_5 or RSA-OAEP...
PYSEC-2016-4
The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA)...