
115 matches found

RedhatCVE
added 2026/03/26 3:18 p.m., 3 views

CVE-2026-3580

In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

CVSS 4.7, AI score 5.8, EPSS 0.00006
Exploits 0, References 1
UbuntuCve
added 2026/03/19 8:16 p.m., 3 views

CVE-2026-3580

In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

CVSS 4.7, AI score 5.9, EPSS 0.00006
Exploits 0, References 2
OSV
added 2026/03/19 8:16 p.m., 2 views

UBUNTU-CVE-2026-3580

In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

CVSS 4.7, AI score 5.8, EPSS 0.00006
Exploits 0, References 3
AlpineLinux
added 2026/03/19 7:46 p.m., 0 views

CVE-2026-3580

In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

CVSS 4.7, AI score 5.8, EPSS 0.00006
Exploits 0
Cvelist
added 2026/03/19 7:46 p.m., 18 views

CVE-2026-3580 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V

In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

CVSS 2.1, EPSS 0.00006
Exploits 0, References 1
RedhatCVE
added 2026/02/20 11:27 a.m., 2 views

CVE-2026-26958

A flaw was found in filippo.io/edwards25519, a Go library used for cryptographic operations. This vulnerability occurs in the MultiScalarMult function when it processes points that are not properly initialized or are not the identity point. Such conditions can lead to incorrect cryptographic...

CVSS 6.3, AI score 5.5, EPSS 0.00018
Exploits 0, References 6
OSV
added 2026/02/19 11:16 p.m., 0 views

UBUNTU-CVE-2026-26958

filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...

CVSS 6.3, AI score 7, EPSS 0.00018
Exploits 0, References 3
OSV
added 2026/02/17 9:58 p.m., 2 views

GO-2026-4503 Invalid result or undefined behavior in filippo.io/edwards25519

Previously, if MultiScalarMult was invoked on an initialized point that was not the identity point, MultiScalarMult produced an incorrect result. If called on an uninitialized point, MultiScalarMult exhibited undefined behavior...

CVSS 6.3, AI score 5.5, EPSS 0.00018
Exploits 0, References 2
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-5060

Malware in sbrugna...

CVSS 5.9, AI score 6.3, EPSS 0.00272
Exploits 0, References 5
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2020-3338

Malware in sbrugna...

CVSS 4.7, AI score 4.9, EPSS 0.00044
Exploits 0, References 10
EUVD
added 2025/10/07 12:30 a.m., 0 views

EUVD-2019-7373

Malware in sbrugna...

CVSS 5.9, AI score 5.9, EPSS 0.00339
Exploits 0, References 8
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2019-0757

Malware in sbrugna...

CVSS 7.4, AI score 7.3, EPSS 0.00361
Exploits 1, References 6
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2025-28663

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.2, EPSS 0.0023
Exploits 1, References 5
Veracode
added 2025/09/29 10:10 a.m., 3 views

Denial Of Service (DoS)

github.com/consensys/gnark is vulnerable to Denial of Service (DoS). The vulnerability is due to the fake-GLV scalar multiplication algorithm not converging quickly enough for certain inputs, which allows an attacker to trigger excessive computation and cause service disruption...

CVSS 7.5, AI score 7, EPSS 0.0023
Exploits 1, References 6, Affected Software 1
SUSE CVE
added 2025/09/19 11:22 p.m., 1 views

SUSE CVE-2025-58157

gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been...

CVSS 7.5, AI score 6.8, EPSS 0.0023
Exploits 1, References 2
OSV
added 2025/09/17 5:3 p.m., 1 views

GO-2025-3929 Denial of service when computing scalar multiplication using fake-GLV algorithm in github.com/consensys/gnark

Denial of service when computing scalar multiplication using fake-GLV algorithm in github.com/consensys/gnark...

CVSS 7.5, AI score 6.9, EPSS 0.0023
Exploits 1, References 4
Tenable Nessus
added 2025/09/03 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-8932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect result...

CVSS 5.9, AI score 6.3, EPSS 0.01477
Exploits 0, References 2
RedhatCVE
added 2025/08/31 9:32 p.m., 2 views

CVE-2025-58157

gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been...

CVSS 7.5, AI score 6.7, EPSS 0.0023
Exploits 1, References 1
NVD
added 2025/08/29 10:15 p.m., 1 views

CVE-2025-58157

gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been...

CVSS 7.5, EPSS 0.0023
Exploits 1, References 4
CVE
added 2025/08/29 9:21 p.m., 25 views

CVE-2025-58157

The CVE-2025-58157 entry concerns gnark (v0.12.0) with a DoS when computing scalar multiplication using the fake-GLV algorithm, caused by slow convergence for some inputs. The issue has been fixed in v0.13.0. Connected sources (OSV- GO-2025-3929) corroborate a denial-of-service risk in the same f...

CVSS 7.5, AI score 6.2, EPSS 0.0023
Exploits 1, References 4, Affected Software 1