CWE-347
Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
CVE-2026-34240 (GCVE-0-2026-34240)
Vulnerability from cvelistv5 – Published: 2026-03-31 15:44 – Updated: 2026-04-01 14:03- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://github.com/appsup-dart/jose/security/advi… | x_refsource_CONFIRM |
| https://github.com/appsup-dart/jose/commit/b07799… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| appsup-dart | jose |
Affected:
< 0.3.5+1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T14:02:31.709988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T14:03:14.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jose",
"vendor": "appsup-dart",
"versions": [
{
"status": "affected",
"version": "\u003c 0.3.5+1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "JOSE is a Javascript Object Signing and Encryption (JOSE) library. Prior to version 0.3.5+1, a vulnerability in jose could allow an unauthenticated, remote attacker to forge valid JWS/JWT tokens by using a key embedded in the JOSE header (jwk). The vulnerability exists because key selection could treat header-provided jwk as a verification candidate even when that key was not present in the trusted key store. Since JOSE headers are untrusted input, an attacker could exploit this by creating a token payload, embedding an attacker-controlled public key in the header, and signing with the matching private key. Applications using affected versions for token verification are impacted. This issue has been patched in version 0.3.5+1. A workaround for this issue involves rejecting tokens where header jwk is present unless that jwk matches a key already present in the application\u0027s trusted key store."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T15:44:23.578Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/appsup-dart/jose/security/advisories/GHSA-vm9r-h74p-hg97",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/appsup-dart/jose/security/advisories/GHSA-vm9r-h74p-hg97"
},
{
"name": "https://github.com/appsup-dart/jose/commit/b07799aac1f56a9a21483feac026272aab30cc5d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/appsup-dart/jose/commit/b07799aac1f56a9a21483feac026272aab30cc5d"
}
],
"source": {
"advisory": "GHSA-vm9r-h74p-hg97",
"discovery": "UNKNOWN"
},
"title": "jose vulnerable to untrusted JWK header key acceptance during signature verification"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34240",
"datePublished": "2026-03-31T15:44:23.578Z",
"dateReserved": "2026-03-26T16:22:29.034Z",
"dateUpdated": "2026-04-01T14:03:14.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34377 (GCVE-0-2026-34377)
Vulnerability from cvelistv5 – Published: 2026-03-31 14:05 – Updated: 2026-03-31 17:18- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://github.com/ZcashFoundation/zebra/security… | x_refsource_CONFIRM |
| https://github.com/ZcashFoundation/zebra/releases… | x_refsource_MISC |
| https://zfnd.org/zebra-4-3-0-critical-security-fi… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| ZcashFoundation | zebra |
Affected:
< 4.3.0
|
|
| ZcashFoundation | zebra-consensus |
Affected:
< 5.0.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T17:18:05.262524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T17:18:12.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "zebra",
"vendor": "ZcashFoundation",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.0"
}
]
},
{
"product": "zebra-consensus",
"vendor": "ZcashFoundation",
"versions": [
{
"status": "affected",
"version": "\u003c 5.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra\u0027s transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction\u0027s txid while providing invalid authorization data, a miner could cause vulnerable Zebra nodes to accept an invalid block, leading to a consensus split from the rest of the Zcash network. This would not allow invalid transactions to be accepted but could result in a consensus split between vulnerable Zebra nodes and invulnerable Zebra and Zcashd nodes. This issue has been patched in zebrad version 4.3.0 and zebra-consensus version 5.0.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T14:05:59.959Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-3vmh-33xr-9cqh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-3vmh-33xr-9cqh"
},
{
"name": "https://github.com/ZcashFoundation/zebra/releases/tag/v4.3.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ZcashFoundation/zebra/releases/tag/v4.3.0"
},
{
"name": "https://zfnd.org/zebra-4-3-0-critical-security-fixes-zip-235-support-and-performance-improvements",
"tags": [
"x_refsource_MISC"
],
"url": "https://zfnd.org/zebra-4-3-0-critical-security-fixes-zip-235-support-and-performance-improvements"
}
],
"source": {
"advisory": "GHSA-3vmh-33xr-9cqh",
"discovery": "UNKNOWN"
},
"title": "Zebra has a Consensus Failure due to Improper Verification of V5 Transactions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34377",
"datePublished": "2026-03-31T14:05:59.959Z",
"dateReserved": "2026-03-27T13:43:14.370Z",
"dateUpdated": "2026-03-31T17:18:12.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34840 (GCVE-0-2026-34840)
Vulnerability from cvelistv5 – Published: 2026-04-02 18:52 – Updated: 2026-04-02 20:20- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://github.com/OneUptime/oneuptime/security/a… | x_refsource_CONFIRM |
| https://github.com/OneUptime/oneuptime/commit/2fd… | x_refsource_MISC |
| https://github.com/OneUptime/oneuptime/releases/t… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34840",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T20:20:03.529115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T20:20:13.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "oneuptime",
"vendor": "OneUptime",
"versions": [
{
"status": "affected",
"version": "\u003c 10.0.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, OneUptime\u0027s SAML SSO implementation (App/FeatureSet/Identity/Utils/SSO.ts) has decoupled signature verification and identity extraction. isSignatureValid() verifies the first \u003cSignature\u003e element in the XML DOM using xml-crypto, while getEmail() always reads from assertion[0] via xml2js. An attacker can prepend an unsigned assertion containing an arbitrary identity before a legitimately signed assertion, resulting in authentication bypass. This issue has been patched in version 10.0.42."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:52:48.274Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-5w5c-766x-265g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-5w5c-766x-265g"
},
{
"name": "https://github.com/OneUptime/oneuptime/commit/2fd7ede52f60444710628d6c1b34dee2ef9e57d1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OneUptime/oneuptime/commit/2fd7ede52f60444710628d6c1b34dee2ef9e57d1"
},
{
"name": "https://github.com/OneUptime/oneuptime/releases/tag/10.0.42",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OneUptime/oneuptime/releases/tag/10.0.42"
}
],
"source": {
"advisory": "GHSA-5w5c-766x-265g",
"discovery": "UNKNOWN"
},
"title": "OneUptime SSO: Multi-Assertion Identity Injection via Decoupled Signature Verification"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34840",
"datePublished": "2026-04-02T18:52:48.274Z",
"dateReserved": "2026-03-30T20:52:53.284Z",
"dateUpdated": "2026-04-02T20:20:13.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3562 (GCVE-0-2026-3562)
Vulnerability from cvelistv5 – Published: 2026-03-13 20:37 – Updated: 2026-03-16 20:21- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Philips | Hue Bridge |
Affected:
1.73.1973146020
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T20:21:23.637688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T20:21:33.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Hue Bridge",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "1.73.1973146020"
}
]
}
],
"dateAssigned": "2026-03-04T19:42:57.414Z",
"datePublic": "2026-03-06T21:19:44.813Z",
"descriptions": [
{
"lang": "en",
"value": "Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the ed25519_sign_open function. The issue results from improper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28480."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T20:37:09.162Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-26-160",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-26-160/"
}
],
"source": {
"lang": "en",
"value": "Viettel Cyber Security"
},
"title": "Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2026-3562",
"datePublished": "2026-03-13T20:37:09.162Z",
"dateReserved": "2026-03-04T19:42:57.379Z",
"dateUpdated": "2026-03-16T20:21:33.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3564 (GCVE-0-2026-3564)
Vulnerability from cvelistv5 – Published: 2026-03-17 14:48 – Updated: 2026-03-18 03:55- CWE-347 - Improper Verification of Cryptographic Signature
| Vendor | Product | Version | |
|---|---|---|---|
| ConnectWise | ScreenConnect |
Affected:
All versions prior to 26.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-18T03:55:41.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ScreenConnect",
"vendor": "ConnectWise",
"versions": [
{
"status": "affected",
"version": "All versions prior to 26.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.\u003cbr\u003e\u003cdiv\u003e\n\n\n\n\n\n\u003cdiv\u003e\n\n\u003cdiv\u003e\u003ca\u003e\u003c/a\u003e\n\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e"
}
],
"value": "A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T14:48:59.940Z",
"orgId": "7d616e1a-3288-43b1-a0dd-0a65d3e70a49",
"shortName": "ConnectWise"
},
"references": [
{
"url": "https://www.connectwise.com/company/trust/security-bulletins/2026-03-17-screenconnect-bulletin"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003cb\u003eCloud:\u0026nbsp;\u003c/b\u003eNo action is required. ScreenConnect servers hosted in\n\u201cscreenconnect.com\u201d cloud (standalone and Automate/RMM integrated) or\n\u201chostedrmm.com\u201d for Automate partners have been updated to remediate the\nissue.\u202f\u0026nbsp;\u003c/p\u003e\n\n\u003cp\u003e\u003cb\u003eOn-premise\u003c/b\u003e\u0026nbsp;\u003cb\u003eScreenConnect\u003c/b\u003e \u003cb\u003ePartners:\u003c/b\u003e\u003c/p\u003e\n\n\n\n\u003cp\u003ePlease upgrade to ScreenConnect version 26.1. Visit \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.screenconnect.com/download\"\u003eDownload\n| ScreenConnect\u003c/a\u003e page to download and apply the update \u003ci\u003e(access\nrequires a valid on-premises license)\u003c/i\u003e.\u0026nbsp;\u003c/p\u003e\n\n\n\n\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eIf your license is out of maintenance, you must \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.connectwise.com/ScreenConnect_Documentation/On-premises/On-premises_licensing/Renew_or_upgrade_an_on-premises_license\"\u003eupgrade your license\u003c/a\u003e\u0026nbsp;before installing\nthe latest supported release of ScreenConnect. \u003c/li\u003e\u003cli\u003eFor\ninstructions on updating to the newest release, please reference this\ndoc: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.connectwise.com/ConnectWise_ScreenConnect_Documentation/On-premises/Get_started_with_ConnectWise_ScreenConnect_On-Premise/Upgrade_an_on-premises_installation\"\u003eUpgrade an on-premise\ninstallation - ConnectWise\u003c/a\u003e\u0026nbsp;\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n\n\n\n\n\n\n\u003cp\u003e\u003cb\u003eAutomate On-Prem Partners with ScreenConnect\nIntegration\u003c/b\u003e:\u003c/p\u003e\n\n\u003cp\u003eFor partners using an on-premises ScreenConnect\ninstallation integrated with Automate, ScreenConnect 26.1 is available through\nthe \u003ca href=\"https://docs.connectwise.com/ConnectWise_Automate_Documentation/Automate_Product_Updates\"\u003eAutomate Product Updates\u003c/a\u003e page.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\n\n\u003cp\u003eLink to release\nnotes: \u003ca href=\"https://screenconnect.product.connectwise.com/communities/26/topics/5088-screenconnect-261\"\u003eScreenConnect 26.1 / ScreenConnect\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Cloud:\u00a0No action is required. ScreenConnect servers hosted in\n\u201cscreenconnect.com\u201d cloud (standalone and Automate/RMM integrated) or\n\u201chostedrmm.com\u201d for Automate partners have been updated to remediate the\nissue.\u202f\u00a0\n\n\n\nOn-premise\u00a0ScreenConnect Partners:\n\n\n\n\n\nPlease upgrade to ScreenConnect version 26.1. Visit Download\n| ScreenConnect page to download and apply the update (access\nrequires a valid on-premises license).\u00a0\n\n\n\n\n\n\n\n * If your license is out of maintenance, you must upgrade your license https://docs.connectwise.com/ScreenConnect_Documentation/On-premises/On-premises_licensing/Renew_or_upgrade_an_on-premises_license \u00a0before installing\nthe latest supported release of ScreenConnect. \n * For\ninstructions on updating to the newest release, please reference this\ndoc: Upgrade an on-premise\ninstallation - ConnectWise\u00a0\n\n\n\n\n\n\n\n\n\n\n\n\nAutomate On-Prem Partners with ScreenConnect\nIntegration:\n\n\n\nFor partners using an on-premises ScreenConnect\ninstallation integrated with Automate, ScreenConnect 26.1 is available through\nthe Automate Product Updates https://docs.connectwise.com/ConnectWise_Automate_Documentation/Automate_Product_Updates page.\n\n\n\n\n\n\nLink to release\nnotes: ScreenConnect 26.1 / ScreenConnect https://screenconnect.product.connectwise.com/communities/26/topics/5088-screenconnect-261"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ScreenConnect Instance Level Cryptographic Material Exposure",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d616e1a-3288-43b1-a0dd-0a65d3e70a49",
"assignerShortName": "ConnectWise",
"cveId": "CVE-2026-3564",
"datePublished": "2026-03-17T14:48:59.940Z",
"dateReserved": "2026-03-04T20:04:12.757Z",
"dateUpdated": "2026-03-18T03:55:41.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3706 (GCVE-0-2026-3706)
Vulnerability from cvelistv5 – Published: 2026-03-08 05:02 – Updated: 2026-04-22 18:54 Disputed X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/?id.349652 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.349652 | signaturepermissions-required |
| https://vuldb.com/?submit.765933 | third-party-advisory |
| https://github.com/mkj/dropbear/issues/406 | issue-tracking |
| https://github.com/mkj/dropbear/pull/407 | issue-trackingpatch |
| https://github.com/mkj/dropbear/commit/fdec3c90a1… | patch |
| https://github.com/str4d/ed25519-java/issues/82#i… | issue-tracking |
| https://github.com/mkj/dropbear/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| mkj | Dropbear |
Affected:
2025.0
Affected: 2025.1 Affected: 2025.2 Affected: 2025.3 Affected: 2025.4 Affected: 2025.5 Affected: 2025.6 Affected: 2025.7 Affected: 2025.8 Affected: 2025.9 Affected: 2025.10 Affected: 2025.11 Affected: 2025.12 Affected: 2025.13 Affected: 2025.14 Affected: 2025.15 Affected: 2025.16 Affected: 2025.17 Affected: 2025.18 Affected: 2025.19 Affected: 2025.20 Affected: 2025.21 Affected: 2025.22 Affected: 2025.23 Affected: 2025.24 Affected: 2025.25 Affected: 2025.26 Affected: 2025.27 Affected: 2025.28 Affected: 2025.29 Affected: 2025.30 Affected: 2025.31 Affected: 2025.32 Affected: 2025.33 Affected: 2025.34 Affected: 2025.35 Affected: 2025.36 Affected: 2025.37 Affected: 2025.38 Affected: 2025.39 Affected: 2025.40 Affected: 2025.41 Affected: 2025.42 Affected: 2025.43 Affected: 2025.44 Affected: 2025.45 Affected: 2025.46 Affected: 2025.47 Affected: 2025.48 Affected: 2025.49 Affected: 2025.50 Affected: 2025.51 Affected: 2025.52 Affected: 2025.53 Affected: 2025.54 Affected: 2025.55 Affected: 2025.56 Affected: 2025.57 Affected: 2025.58 Affected: 2025.59 Affected: 2025.60 Affected: 2025.61 Affected: 2025.62 Affected: 2025.63 Affected: 2025.64 Affected: 2025.65 Affected: 2025.66 Affected: 2025.67 Affected: 2025.68 Affected: 2025.69 Affected: 2025.70 Affected: 2025.71 Affected: 2025.72 Affected: 2025.73 Affected: 2025.74 Affected: 2025.75 Affected: 2025.76 Affected: 2025.77 Affected: 2025.78 Affected: 2025.79 Affected: 2025.80 Affected: 2025.81 Affected: 2025.82 Affected: 2025.83 Affected: 2025.84 Affected: 2025.85 Affected: 2025.86 Affected: 2025.87 Affected: 2025.88 Affected: 2025.89 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3706",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T14:05:08.951683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T18:54:11.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/mkj/dropbear/issues/406"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"S Range Check"
],
"product": "Dropbear",
"vendor": "mkj",
"versions": [
{
"status": "affected",
"version": "2025.0"
},
{
"status": "affected",
"version": "2025.1"
},
{
"status": "affected",
"version": "2025.2"
},
{
"status": "affected",
"version": "2025.3"
},
{
"status": "affected",
"version": "2025.4"
},
{
"status": "affected",
"version": "2025.5"
},
{
"status": "affected",
"version": "2025.6"
},
{
"status": "affected",
"version": "2025.7"
},
{
"status": "affected",
"version": "2025.8"
},
{
"status": "affected",
"version": "2025.9"
},
{
"status": "affected",
"version": "2025.10"
},
{
"status": "affected",
"version": "2025.11"
},
{
"status": "affected",
"version": "2025.12"
},
{
"status": "affected",
"version": "2025.13"
},
{
"status": "affected",
"version": "2025.14"
},
{
"status": "affected",
"version": "2025.15"
},
{
"status": "affected",
"version": "2025.16"
},
{
"status": "affected",
"version": "2025.17"
},
{
"status": "affected",
"version": "2025.18"
},
{
"status": "affected",
"version": "2025.19"
},
{
"status": "affected",
"version": "2025.20"
},
{
"status": "affected",
"version": "2025.21"
},
{
"status": "affected",
"version": "2025.22"
},
{
"status": "affected",
"version": "2025.23"
},
{
"status": "affected",
"version": "2025.24"
},
{
"status": "affected",
"version": "2025.25"
},
{
"status": "affected",
"version": "2025.26"
},
{
"status": "affected",
"version": "2025.27"
},
{
"status": "affected",
"version": "2025.28"
},
{
"status": "affected",
"version": "2025.29"
},
{
"status": "affected",
"version": "2025.30"
},
{
"status": "affected",
"version": "2025.31"
},
{
"status": "affected",
"version": "2025.32"
},
{
"status": "affected",
"version": "2025.33"
},
{
"status": "affected",
"version": "2025.34"
},
{
"status": "affected",
"version": "2025.35"
},
{
"status": "affected",
"version": "2025.36"
},
{
"status": "affected",
"version": "2025.37"
},
{
"status": "affected",
"version": "2025.38"
},
{
"status": "affected",
"version": "2025.39"
},
{
"status": "affected",
"version": "2025.40"
},
{
"status": "affected",
"version": "2025.41"
},
{
"status": "affected",
"version": "2025.42"
},
{
"status": "affected",
"version": "2025.43"
},
{
"status": "affected",
"version": "2025.44"
},
{
"status": "affected",
"version": "2025.45"
},
{
"status": "affected",
"version": "2025.46"
},
{
"status": "affected",
"version": "2025.47"
},
{
"status": "affected",
"version": "2025.48"
},
{
"status": "affected",
"version": "2025.49"
},
{
"status": "affected",
"version": "2025.50"
},
{
"status": "affected",
"version": "2025.51"
},
{
"status": "affected",
"version": "2025.52"
},
{
"status": "affected",
"version": "2025.53"
},
{
"status": "affected",
"version": "2025.54"
},
{
"status": "affected",
"version": "2025.55"
},
{
"status": "affected",
"version": "2025.56"
},
{
"status": "affected",
"version": "2025.57"
},
{
"status": "affected",
"version": "2025.58"
},
{
"status": "affected",
"version": "2025.59"
},
{
"status": "affected",
"version": "2025.60"
},
{
"status": "affected",
"version": "2025.61"
},
{
"status": "affected",
"version": "2025.62"
},
{
"status": "affected",
"version": "2025.63"
},
{
"status": "affected",
"version": "2025.64"
},
{
"status": "affected",
"version": "2025.65"
},
{
"status": "affected",
"version": "2025.66"
},
{
"status": "affected",
"version": "2025.67"
},
{
"status": "affected",
"version": "2025.68"
},
{
"status": "affected",
"version": "2025.69"
},
{
"status": "affected",
"version": "2025.70"
},
{
"status": "affected",
"version": "2025.71"
},
{
"status": "affected",
"version": "2025.72"
},
{
"status": "affected",
"version": "2025.73"
},
{
"status": "affected",
"version": "2025.74"
},
{
"status": "affected",
"version": "2025.75"
},
{
"status": "affected",
"version": "2025.76"
},
{
"status": "affected",
"version": "2025.77"
},
{
"status": "affected",
"version": "2025.78"
},
{
"status": "affected",
"version": "2025.79"
},
{
"status": "affected",
"version": "2025.80"
},
{
"status": "affected",
"version": "2025.81"
},
{
"status": "affected",
"version": "2025.82"
},
{
"status": "affected",
"version": "2025.83"
},
{
"status": "affected",
"version": "2025.84"
},
{
"status": "affected",
"version": "2025.85"
},
{
"status": "affected",
"version": "2025.86"
},
{
"status": "affected",
"version": "2025.87"
},
{
"status": "affected",
"version": "2025.88"
},
{
"status": "affected",
"version": "2025.89"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pythok (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is considered difficult. The actual existence of this vulnerability is currently in question. Patch name: fdec3c90a15447bd538641d85e5a3e3ac981011d. To fix this issue, it is recommended to deploy a patch. The project maintainer explains: \"Signature Malleability is not exploitable in SSH protocol. (...) [A] PoC doesn\u0027t exist for SSH implementation, but rather it\u0027s against the internal API.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T05:39:00.731Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-349652 | mkj Dropbear S Range Check curve25519.c unpackneg signature verification",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.349652"
},
{
"name": "VDB-349652 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.349652"
},
{
"name": "Submit #765933 | GitHub Dropbear 2025.89 Improper Verification of Cryptographic Signature",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.765933"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/mkj/dropbear/issues/406"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/mkj/dropbear/pull/407"
},
{
"tags": [
"patch"
],
"url": "https://github.com/mkj/dropbear/commit/fdec3c90a15447bd538641d85e5a3e3ac981011d"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/str4d/ed25519-java/issues/82#issue-727629226"
},
{
"tags": [
"product"
],
"url": "https://github.com/mkj/dropbear/"
}
],
"tags": [
"disputed",
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-16T06:42:50.000Z",
"value": "VulDB entry last update"
}
],
"title": "mkj Dropbear S Range Check curve25519.c unpackneg signature verification"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3706",
"datePublished": "2026-03-08T05:02:11.136Z",
"dateReserved": "2026-03-07T09:05:33.842Z",
"dateUpdated": "2026-04-22T18:54:11.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39413 (GCVE-0-2026-39413)
Vulnerability from cvelistv5 – Published: 2026-04-08 19:41 – Updated: 2026-04-22 15:28- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://github.com/HKUDS/LightRAG/security/adviso… | x_refsource_CONFIRM |
| https://github.com/github/advisory-database/issues/7373 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39413",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T20:18:28.117904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T20:18:55.606Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-04-22T15:28:31.845Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://github.com/github/advisory-database/issues/7373"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "LightRAG",
"vendor": "HKUDS",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying \u0027alg\u0027: \u0027none\u0027 in the JWT header. Since the jwt.decode() call does not explicitly deny the \u0027none\u0027 algorithm, a crafted token without a signature will be accepted as valid, leading to unauthorized access. This vulnerability is fixed in 1.4.14."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:41:23.909Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/HKUDS/LightRAG/security/advisories/GHSA-8ffj-4hx4-9pgf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/HKUDS/LightRAG/security/advisories/GHSA-8ffj-4hx4-9pgf"
}
],
"source": {
"advisory": "GHSA-8ffj-4hx4-9pgf",
"discovery": "UNKNOWN"
},
"title": "LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-39413",
"datePublished": "2026-04-08T19:41:23.909Z",
"dateReserved": "2026-04-07T00:23:30.595Z",
"dateUpdated": "2026-04-22T15:28:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40070 (GCVE-0-2026-40070)
Vulnerability from cvelistv5 – Published: 2026-04-09 17:26 – Updated: 2026-04-13 15:38- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://github.com/sgbett/bsv-ruby-sdk/security/a… | x_refsource_CONFIRM |
| https://github.com/sgbett/bsv-ruby-sdk/issues/305 | x_refsource_MISC |
| https://github.com/sgbett/bsv-ruby-sdk/pull/306 | x_refsource_MISC |
| https://github.com/sgbett/bsv-ruby-sdk/commit/499… | x_refsource_MISC |
| https://brc.dev/52 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| sgbett | bsv-ruby-sdk |
Affected:
>= 0.3.1, < 0.8.2
|
|
| sgbett | bsv-sdk |
Affected:
>= 0.3.1, < 0.8.2
|
|
| sgbett | bsv-wallet |
Affected:
>= 0.1.2, < 0.3.4
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40070",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-13T15:29:59.716749Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T15:38:58.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/sgbett/bsv-ruby-sdk/security/advisories/GHSA-hc36-c89j-5f4j"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bsv-ruby-sdk",
"vendor": "sgbett",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.3.1, \u003c 0.8.2"
}
]
},
{
"product": "bsv-sdk",
"vendor": "sgbett",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.3.1, \u003c 0.8.2"
}
]
},
{
"product": "bsv-wallet",
"vendor": "sgbett",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.1.2, \u003c 0.3.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClient#acquire_certificate persists certificate records to storage without verifying the certifier\u0027s signature over the certificate contents. In acquisition_protocol: \u0027direct\u0027, the caller supplies all certificate fields (including signature:) and the record is written to storage verbatim. In acquisition_protocol: \u0027issuance\u0027, the client POSTs to a certifier URL and writes whatever signature the response body contains, also without verification. An attacker who can reach either API (or who controls a certifier endpoint targeted by the issuance path) can forge identity certificates that subsequently appear authentic to list_certificates and prove_certificate."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T17:26:51.495Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/sgbett/bsv-ruby-sdk/security/advisories/GHSA-hc36-c89j-5f4j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/sgbett/bsv-ruby-sdk/security/advisories/GHSA-hc36-c89j-5f4j"
},
{
"name": "https://github.com/sgbett/bsv-ruby-sdk/issues/305",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sgbett/bsv-ruby-sdk/issues/305"
},
{
"name": "https://github.com/sgbett/bsv-ruby-sdk/pull/306",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sgbett/bsv-ruby-sdk/pull/306"
},
{
"name": "https://github.com/sgbett/bsv-ruby-sdk/commit/4992e8a265fd914a7eeb0405c69d1ff0122a84cc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sgbett/bsv-ruby-sdk/commit/4992e8a265fd914a7eeb0405c69d1ff0122a84cc"
},
{
"name": "https://brc.dev/52",
"tags": [
"x_refsource_MISC"
],
"url": "https://brc.dev/52"
}
],
"source": {
"advisory": "GHSA-hc36-c89j-5f4j",
"discovery": "UNKNOWN"
},
"title": "bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-40070",
"datePublished": "2026-04-09T17:26:51.495Z",
"dateReserved": "2026-04-09T00:39:12.204Z",
"dateUpdated": "2026-04-13T15:38:58.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40372 (GCVE-0-2026-40372)
Vulnerability from cvelistv5 – Published: 2026-04-21 19:20 – Updated: 2026-06-29 12:34- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
| https://access.redhat.com/security/cve/CVE-2026-40372 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2460224 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | ASP.NET Core 10.0 |
Affected:
10.0 , < 10.0.7
(custom)
|
|
| Microsoft | Microsoft Visual Studio 2026 version 18.5 |
Affected:
18.5.0 , < 18.5.2
(custom)
|
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40372",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T03:56:11.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2026-04-21T19:20:50.215Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in ASP.NET Core due to improper verification of cryptographic signatures. An unauthorized attacker can exploit this vulnerability remotely over a network, leading to privilege escalation."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Critical"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T12:34:15.223Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-40372"
},
{
"name": "RHBZ#2460224",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460224"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40372.json"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-21T20:01:18.286Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-21T19:20:50.215Z",
"value": "Made public."
}
],
"title": "ASP.NET Core: ASP.NET: ASP.NET Core: Privilege escalation via improper cryptographic signature verification",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "ASP.NET Core 10.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft Visual Studio 2026 version 18.5",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "18.5.2",
"status": "affected",
"version": "18.5.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.7",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2026:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.5.2",
"versionStartIncluding": "18.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-04-21T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-19T16:09:01.025Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ASP.NET Core Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40372"
}
],
"title": "ASP.NET Core Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-40372",
"datePublished": "2026-04-21T19:20:50.215Z",
"dateReserved": "2026-04-11T23:06:15.615Z",
"dateUpdated": "2026-06-29T12:34:15.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40941 (GCVE-0-2026-40941)
Vulnerability from cvelistv5 – Published: 2026-06-25 23:01 – Updated: 2026-06-26 14:57- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://github.com/Cacti/cacti/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/Cacti/cacti/pull/7054 | x_refsource_MISC |
| https://github.com/Cacti/cacti/releases/tag/relea… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-26T14:56:48.504785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T14:57:48.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cacti",
"vendor": "Cacti",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T23:01:30.937Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Cacti/cacti/security/advisories/GHSA-274c-97hj-pv2v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Cacti/cacti/security/advisories/GHSA-274c-97hj-pv2v"
},
{
"name": "https://github.com/Cacti/cacti/pull/7054",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Cacti/cacti/pull/7054"
},
{
"name": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.31",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.31"
}
],
"source": {
"advisory": "GHSA-274c-97hj-pv2v",
"discovery": "UNKNOWN"
},
"title": "Cacti: Package Import Signature Validation Bypass Allows Self-Signed Packages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-40941",
"datePublished": "2026-06-25T23:01:30.937Z",
"dateReserved": "2026-04-15T20:40:15.518Z",
"dateUpdated": "2026-06-26T14:57:48.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
No mitigation information available for this CWE.
CAPEC-463: Padding Oracle Crypto Attack
An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.
CAPEC-475: Signature Spoofing by Improper Validation
An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.