Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. YAMCS has a security vulnerability that stems from the lack of rate limits...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. Yamcs has a security vulnerability that stems from allowing enumeration of users...

EUVD-2025-37044

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prier to 1.4.2, there is a missing bounds check in CryptoKeyupdate...

EUVD-2025-12475

Malicious code in bioql PyPI...

EUVD-2025-12472

Malicious code in bioql PyPI...

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

CVE-2025-46672

Summary : CVE-2025-46672 affects NASA CryptoLib up to v1.3.1 (before 1.3.2). The root cause is that the OTAR crypto function return status is not checked, which could allow incorrect handling of OTAR results and potentially enable spacecraft hijacking. Impact : the issue is described as a securit...

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2, which stems from a failure to check the return state of the OTAR cryptographic...

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...

PT-2025-17969 · Nasa · Nasa Cryptolib

Name of the Vulnerable Software and Affected Versions: NASA CryptoLib versions prior to 1.3.2 Description: The issue is related to the OTAR crypto function in NASA CryptoLib, where the returned status is not checked, potentially leading to spacecraft hijacking. Recommendations: For NASA CryptoLib...

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

CVE-2025-46675

CVE-2025-46675 affects NASA CryptoLib prior to 1.3.2. The root cause is that the key state is not checked before use, which could enable spacecraft hijacking. Public sources across multiple advisories note the affected versions are before 1.3.2, with remediation to upgrade to 1.3.2 or later; PT S...

CVE-2025-30356 Heap Buffer Overflow via Incomplete Length Check in `Crypto_TC_ApplySecurity`

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in...