3 matches found
CVE-2026-6330
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
EUVD-2026-21070
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...
PT-2025-44284
Name of the Vulnerable Software and Affected Versions Jenkins Eggplant Runner Plugin versions 0.0.1.301.v963cffe8ddb 8 and earlier Description The Jenkins Eggplant Runner Plugin versions 0.0.1.301.v963cffe8ddb 8 and earlier configures the Java system property jdk.http.auth.tunneling.disabledSchem...