CWE-354
AllowedImproper Validation of Integrity Check Value
Abstraction: Base · Status: Draft
The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
231 vulnerabilities reference this CWE, most recent first.
CVE-2026-32317 (GCVE-0-2026-32317)
Vulnerability from cvelistv5 – Published: 2026-03-20 18:29 – Updated: 2026-03-20 18:55| URL | Tags |
|---|---|
| https://github.com/cryptomator/android/security/a… | x_refsource_CONFIRM |
| https://github.com/cryptomator/android/releases/t… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| cryptomator | android |
Affected:
< 1.12.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-20T18:55:10.511313Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T18:55:21.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "android",
"vendor": "cryptomator",
"versions": [
{
"status": "affected",
"version": "\u003c 1.12.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptomator for Android offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 1.12.3, an integrity check vulnerability allows an attacker tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism. Before this fix, the client trusted endpoints from the vault config without host authenticity checks, which could allow token exfiltration by mixing a legitimate auth endpoint with a malicious API endpoint. Impacted are users unlocking Hub-backed vaults with affected client versions in environments where an attacker can alter the vault.cryptomator file. This issue has been patched in version 1.12.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346: Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-451",
"description": "CWE-451: User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-923",
"description": "CWE-923: Improper Restriction of Communication Channel to Intended Endpoints",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T18:29:01.127Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cryptomator/android/security/advisories/GHSA-876q-q3mm-fcvj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cryptomator/android/security/advisories/GHSA-876q-q3mm-fcvj"
},
{
"name": "https://github.com/cryptomator/android/releases/tag/1.12.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cryptomator/android/releases/tag/1.12.3"
}
],
"source": {
"advisory": "GHSA-876q-q3mm-fcvj",
"discovery": "UNKNOWN"
},
"title": "Cryptomator for Android: Tampered vault configuration allows MITM attack on Hub API"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32317",
"datePublished": "2026-03-20T18:29:01.127Z",
"dateReserved": "2026-03-11T21:16:21.660Z",
"dateUpdated": "2026-03-20T18:55:21.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32313 (GCVE-0-2026-32313)
Vulnerability from cvelistv5 – Published: 2026-03-13 19:50 – Updated: 2026-03-16 13:45- CWE-354 - Improper Validation of Integrity Check Value
| URL | Tags |
|---|---|
| https://github.com/robrichards/xmlseclibs/securit… | x_refsource_CONFIRM |
| https://github.com/robrichards/xmlseclibs/commit/… | x_refsource_MISC |
| https://github.com/robrichards/xmlseclibs/release… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| robrichards | xmlseclibs |
Affected:
< 3.1.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32313",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T13:44:53.256945Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T13:45:07.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "xmlseclibs",
"vendor": "robrichards",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Prior to 3.1.5, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts without knowing the encryption key. This vulnerability is fixed in 3.1.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T19:50:48.530Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/robrichards/xmlseclibs/security/advisories/GHSA-4v26-v6cg-g6f9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/robrichards/xmlseclibs/security/advisories/GHSA-4v26-v6cg-g6f9"
},
{
"name": "https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/robrichards/xmlseclibs/commit/03062be78178cbb5e8f605cd255dc32a14981f92"
},
{
"name": "https://github.com/robrichards/xmlseclibs/releases/tag/3.1.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/robrichards/xmlseclibs/releases/tag/3.1.5"
}
],
"source": {
"advisory": "GHSA-4v26-v6cg-g6f9",
"discovery": "UNKNOWN"
},
"title": "xmlseclibs is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32313",
"datePublished": "2026-03-13T19:50:48.530Z",
"dateReserved": "2026-03-11T21:16:21.660Z",
"dateUpdated": "2026-03-16T13:45:07.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32303 (GCVE-0-2026-32303)
Vulnerability from cvelistv5 – Published: 2026-03-20 17:57 – Updated: 2026-03-23 21:41| URL | Tags |
|---|---|
| https://github.com/cryptomator/cryptomator/securi… | x_refsource_CONFIRM |
| https://github.com/cryptomator/cryptomator/pull/4179 | x_refsource_MISC |
| https://github.com/cryptomator/cryptomator/commit… | x_refsource_MISC |
| https://github.com/cryptomator/cryptomator/releas… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| cryptomator | cryptomator |
Affected:
< 1.19.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T20:52:44.437617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T21:41:57.420Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cryptomator",
"vendor": "cryptomator",
"versions": [
{
"status": "affected",
"version": "\u003c 1.19.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, an integrity check vulnerability allows an attacker to tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism. Before this fix, the client trusted endpoints from the vault config without host authenticity checks, which could allow token exfiltration by mixing a legitimate auth endpoint with a malicious API endpoint. Impacted are users unlocking Hub-backed vaults with affected client versions in environments where an attacker can alter the vault.cryptomator file. This issue has been patched in version 1.19.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346: Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-451",
"description": "CWE-451: User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-923",
"description": "CWE-923: Improper Restriction of Communication Channel to Intended Endpoints",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T17:57:31.884Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cryptomator/cryptomator/security/advisories/GHSA-34rf-rwr3-7g43",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cryptomator/cryptomator/security/advisories/GHSA-34rf-rwr3-7g43"
},
{
"name": "https://github.com/cryptomator/cryptomator/pull/4179",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cryptomator/cryptomator/pull/4179"
},
{
"name": "https://github.com/cryptomator/cryptomator/commit/6b82abcd80449a30b561d823193f9ecea542a625",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cryptomator/cryptomator/commit/6b82abcd80449a30b561d823193f9ecea542a625"
},
{
"name": "https://github.com/cryptomator/cryptomator/releases/tag/1.19.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cryptomator/cryptomator/releases/tag/1.19.1"
}
],
"source": {
"advisory": "GHSA-34rf-rwr3-7g43",
"discovery": "UNKNOWN"
},
"title": "Cryptomator: Tampered vault configuration allows MITM attack on Hub API"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32303",
"datePublished": "2026-03-20T17:57:31.884Z",
"dateReserved": "2026-03-11T21:16:21.659Z",
"dateUpdated": "2026-03-23T21:41:57.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32148 (GCVE-0-2026-32148)
Vulnerability from cvelistv5 – Published: 2026-04-30 18:17 – Updated: 2026-05-01 04:33| URL | Tags |
|---|---|
| https://github.com/hexpm/hex/security/advisories/… | vendor-advisoryrelated |
| https://cna.erlef.org/cves/CVE-2026-32148.html | related |
| https://osv.dev/vulnerability/EEF-CVE-2026-32148 | related |
| https://github.com/hexpm/hex/commit/d7528c8199a11… | patch |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32148",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-30T19:03:06.385106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T19:03:24.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/hexpm/hex/security/advisories/GHSA-hmv9-4mfr-m92v"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:hexpm:hex:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"modules": [
"\u0027Elixir.Hex.RemoteConverger\u0027"
],
"packageName": "hex",
"packageURL": "pkg:otp/hex?repository_url=https:%2F%2Fgithub.com%2Fhexpm%2Fhex\u0026vcs_url=git%20https:%2F%2Fgithub.com%2Fhexpm%2Fhex.git",
"product": "hex",
"programFiles": [
"lib/hex/remote_converger.ex"
],
"programRoutines": [
{
"name": "\u0027Elixir.Hex.RemoteConverger\u0027:verify_resolved/2"
}
],
"repo": "https://github.com/hexpm/hex",
"vendor": "hexpm",
"versions": [
{
"lessThan": "2.4.2",
"status": "affected",
"version": "0.16.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://github.com",
"cpes": [
"cpe:2.3:a:hexpm:hex:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"modules": [
"\u0027Elixir.Hex.RemoteConverger\u0027"
],
"packageName": "hexpm/hex",
"packageURL": "pkg:github/hexpm/hex",
"product": "hex",
"programFiles": [
"lib/hex/remote_converger.ex"
],
"programRoutines": [
{
"name": "\u0027Elixir.Hex.RemoteConverger\u0027:verify_resolved/2"
}
],
"repo": "https://github.com/hexpm/hex.git",
"vendor": "hexpm",
"versions": [
{
"lessThan": "d7528c8199a1144511508bf3a6460026a5a14c8e",
"status": "affected",
"version": "e01576f28c64af9fae6eb17e2dad30f6efcb303c",
"versionType": "git"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hexpm:hex:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.2",
"versionStartIncluding": "0.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Paul Fleischer"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Jonatan M\u00e4nnchen / EEF"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Eric Meadows-J\u00f6nsson / Hex.pm"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Verification of Data Authenticity vulnerability in hexpm hex (\u003ctt\u003eHex.RemoteConverger\u003c/tt\u003e module) allows dependency integrity bypass via unverified lockfile checksums.\u003cp\u003eHex stores checksums for dependencies in the \u003ctt\u003emix.lock\u003c/tt\u003e file to ensure reproducible and integrity-checked builds. However, \u003ctt\u003eHex.RemoteConverger.verify_resolved/2\u003c/tt\u003e never executes checksum verification because the lock data returned by \u003ctt\u003eHex.Utils.lock/1\u003c/tt\u003e uses string-based dependency names, while the verification logic compares against atom-based names. This type mismatch causes the verification code path to be silently skipped. Checksums are still validated when packages are initially downloaded from the registry, but mismatches between the lockfile and resolved dependencies are not detected.\u003c/p\u003e\u003cp\u003eAn attacker who can influence cached packages (e.g., via local cache poisoning or a compromised registry) can provide modified dependency contents that will be accepted without detection. The \u003ctt\u003emix.lock\u003c/tt\u003e file is silently rewritten with the checksum values from the registry, erasing evidence of tampering.\u003c/p\u003e\u003cp\u003eThis issue affects hex: from 0.16.0 before 2.4.2.\u003c/p\u003e"
}
],
"value": "Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums.\n\nHex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. However, Hex.RemoteConverger.verify_resolved/2 never executes checksum verification because the lock data returned by Hex.Utils.lock/1 uses string-based dependency names, while the verification logic compares against atom-based names. This type mismatch causes the verification code path to be silently skipped. Checksums are still validated when packages are initially downloaded from the registry, but mismatches between the lockfile and resolved dependencies are not detected.\n\nAn attacker who can influence cached packages (e.g., via local cache poisoning or a compromised registry) can provide modified dependency contents that will be accepted without detection. The mix.lock file is silently rewritten with the checksum values from the registry, erasing evidence of tampering.\n\nThis issue affects hex: from 0.16.0 before 2.4.2."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354 Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-01T04:33:38.198Z",
"orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"shortName": "EEF"
},
"references": [
{
"tags": [
"vendor-advisory",
"related"
],
"url": "https://github.com/hexpm/hex/security/advisories/GHSA-hmv9-4mfr-m92v"
},
{
"tags": [
"related"
],
"url": "https://cna.erlef.org/cves/CVE-2026-32148.html"
},
{
"tags": [
"related"
],
"url": "https://osv.dev/vulnerability/EEF-CVE-2026-32148"
},
{
"tags": [
"patch"
],
"url": "https://github.com/hexpm/hex/commit/d7528c8199a1144511508bf3a6460026a5a14c8e"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Lockfile checksums not verified in Hex allows dependency integrity bypass",
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"assignerShortName": "EEF",
"cveId": "CVE-2026-32148",
"datePublished": "2026-04-30T18:17:03.783Z",
"dateReserved": "2026-03-10T22:37:29.213Z",
"dateUpdated": "2026-05-01T04:33:38.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32105 (GCVE-0-2026-32105)
Vulnerability from cvelistv5 – Published: 2026-04-17 19:27 – Updated: 2026-04-20 16:22- CWE-354 - Improper Validation of Integrity Check Value
| URL | Tags |
|---|---|
| https://github.com/neutrinolabs/xrdp/security/adv… | x_refsource_CONFIRM |
| https://github.com/neutrinolabs/xrdp/releases/tag… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| neutrinolabs | xrdp |
Affected:
< 0.10.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32105",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-20T16:22:40.648583Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T16:22:50.262Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "xrdp",
"vendor": "neutrinolabs",
"versions": [
{
"status": "affected",
"version": "\u003c 0.10.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code (MAC) signature of encrypted RDP packets when using the \"Classic RDP Security\" layer. While the sender correctly generates signatures, the receiving logic lacks the necessary implementation to validate the 8-byte integrity signature, causing it to be silently ignored. An unauthenticated attacker with man-in-the-middle (MITM) capabilities can exploit this missing check to modify encrypted traffic in transit without detection. It does not affect connections where the TLS security layer is enforced. This issue has been fixed in version 0.10.6. If users are unable to immediately upgrade, they should configure xrdp.ini to enforce TLS security (security_layer=tls) to ensure end-to-end integrity."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:H/SI:H/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-17T19:27:39.809Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j2jm-c596-c5q3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j2jm-c596-c5q3"
},
{
"name": "https://github.com/neutrinolabs/xrdp/releases/tag/v0.10.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/neutrinolabs/xrdp/releases/tag/v0.10.6"
}
],
"source": {
"advisory": "GHSA-j2jm-c596-c5q3",
"discovery": "UNKNOWN"
},
"title": "xrdp: RDP MAC signature (dataSignature) never verified on receive \u2014 integrity bypass in non-TLS mode"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32105",
"datePublished": "2026-04-17T19:27:39.809Z",
"dateReserved": "2026-03-10T22:02:38.854Z",
"dateUpdated": "2026-04-20T16:22:50.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-31839 (GCVE-0-2026-31839)
Vulnerability from cvelistv5 – Published: 2026-03-11 16:46 – Updated: 2026-03-11 17:07- CWE-354 - Improper Validation of Integrity Check Value
| URL | Tags |
|---|---|
| https://github.com/striae-org/striae/security/adv… | x_refsource_CONFIRM |
| https://github.com/striae-org/striae/releases/tag… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| striae-org | striae |
Affected:
>= 0.9.22-0, < 3.0.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-31839",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T17:06:57.326835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T17:07:35.742Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "striae",
"vendor": "striae-org",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.9.22-0, \u003c 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Striae is a firearms examiner\u0027s comparison companion. A high-severity integrity bypass vulnerability existed in Striae\u0027s digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered confirmation packages to pass integrity checks. This vulnerability is fixed in 3.0.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T16:46:22.132Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/striae-org/striae/security/advisories/GHSA-mmf8-487q-p45m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/striae-org/striae/security/advisories/GHSA-mmf8-487q-p45m"
},
{
"name": "https://github.com/striae-org/striae/releases/tag/v3.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/striae-org/striae/releases/tag/v3.0.0"
}
],
"source": {
"advisory": "GHSA-mmf8-487q-p45m",
"discovery": "UNKNOWN"
},
"title": "Striae has a hash validation utility vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-31839",
"datePublished": "2026-03-11T16:46:22.132Z",
"dateReserved": "2026-03-09T17:41:56.078Z",
"dateUpdated": "2026-03-11T17:07:35.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-28498 (GCVE-0-2026-28498)
Vulnerability from cvelistv5 – Published: 2026-03-16 18:03 – Updated: 2026-07-15 01:11| URL | Tags |
|---|---|
| https://github.com/authlib/authlib/security/advis… | x_refsource_CONFIRM |
| https://github.com/authlib/authlib/commit/b9bb2b2… | x_refsource_MISC |
| https://github.com/authlib/authlib/releases/tag/v1.6.9 | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2026-28498 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2448182 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:6309 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:6912 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:6720 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:6568 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:6497 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:6567 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| authlib | authlib |
Affected:
< 1.6.9
|
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 |
Unaffected:
1774417022 , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | Red Hat Quay 3.10 |
Unaffected:
1775169155 , < *
(rpm)
cpe:/a:redhat:quay:3.10::el8 |
|
| Red Hat | Red Hat Quay 3.12 |
Unaffected:
1775253092 , < *
(rpm)
cpe:/a:redhat:quay:3.12::el8 |
|
| Red Hat | Red Hat Quay 3.15 |
Unaffected:
1775169219 , < *
(rpm)
cpe:/a:redhat:quay:3.15::el8 |
|
| Red Hat | Red Hat Quay 3.16 |
Unaffected:
1775069491 , < *
(rpm)
Unaffected: 1775169226 , < * (rpm) cpe:/a:redhat:quay:3.16::el9 |
|
| Red Hat | Lightspeed Core |
cpe:/a:redhat:lightspeed_core |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-28498",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T18:14:21.039703Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T18:14:42.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-26/lightspeed-chatbot-rhel9",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774417022",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775169155",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.12::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775253092",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775169219",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel9",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775069491",
"versionType": "rpm"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "1775169226",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lightspeed_core"
],
"defaultStatus": "unaffected",
"packageName": "lightspeed-core/lightspeed-stack-rhel9",
"product": "Lightspeed Core",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-25/lightspeed-chatbot-rhel8",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-mlflow-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"packageName": "satellite/foreman-mcp-server-rhel9",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-16T18:03:28.821Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Authlib, a Python library used for building OAuth and OpenID Connect (OIDC) servers. This vulnerability allows a remote attacker to bypass critical integrity checks in OIDC ID Tokens. Specifically, the library\u0027s internal hash verification logic fails open when encountering an unsupported cryptographic algorithm, accepting a forged ID Token as valid. This can lead to an authentication bypass, granting unauthorized access to systems relying on Authlib for OIDC authentication."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-325",
"description": "Missing Cryptographic Step",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:11:43.610Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-28498"
},
{
"name": "RHBZ#2448182",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448182"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28498.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6309"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6912"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6720"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6497"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6567"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:6309: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:6912: Red Hat Quay 3.10"
},
{
"lang": "en",
"value": "RHSA-2026:6720: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:6568: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:6497: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:6567: Red Hat Quay 3.16"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-16T19:02:00.128Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-16T18:03:28.821Z",
"value": "Made public."
}
],
"title": "authlib: Authlib: Authentication bypass via forged OpenID Connect ID Tokens",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "authlib",
"vendor": "authlib",
"versions": [
{
"status": "affected",
"version": "\u003c 1.6.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-573",
"description": "CWE-573: Improper Following of Specification by Caller",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T18:03:28.821Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j"
},
{
"name": "https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b"
},
{
"name": "https://github.com/authlib/authlib/releases/tag/v1.6.9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/authlib/authlib/releases/tag/v1.6.9"
}
],
"source": {
"advisory": "GHSA-m344-f55w-2m6j",
"discovery": "UNKNOWN"
},
"title": "Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-28498",
"datePublished": "2026-03-16T18:03:28.821Z",
"dateReserved": "2026-02-27T20:57:47.708Z",
"dateUpdated": "2026-07-15T01:11:43.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-28402 (GCVE-0-2026-28402)
Vulnerability from cvelistv5 – Published: 2026-02-27 21:08 – Updated: 2026-03-03 20:31- CWE-354 - Improper Validation of Integrity Check Value
| URL | Tags |
|---|---|
| https://github.com/nimiq/core-rs-albatross/securi… | x_refsource_CONFIRM |
| https://github.com/nimiq/core-rs-albatross/pull/3623 | x_refsource_MISC |
| https://github.com/nimiq/core-rs-albatross/commit… | x_refsource_MISC |
| https://github.com/nimiq/core-rs-albatross/releas… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| nimiq | core-rs-albatross |
Affected:
< 1.2.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-28402",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T20:31:49.868298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T20:31:59.946Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "core-rs-albatross",
"vendor": "nimiq",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.2.2, a malicious or compromised validator that is elected as proposer can publish a macro block proposal where `header.body_root` does not match the actual macro body hash. The proposal can pass proposal verification because the macro proposal verification path validates the header but does not validate the binding `body_root == hash(body)`; later code expects this binding and may panic on mismatch, crashing validators. Note that the impact is only for validator nodes. The patch for this vulnerability is formally released as part of v1.2.2. The patch adds the corresponding body root verification in the proposal checks. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T21:08:53.573Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-7wh6-rmxx-ww47",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-7wh6-rmxx-ww47"
},
{
"name": "https://github.com/nimiq/core-rs-albatross/pull/3623",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nimiq/core-rs-albatross/pull/3623"
},
{
"name": "https://github.com/nimiq/core-rs-albatross/commit/6454c26d966858c5520f55739a30b94c17656c85",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nimiq/core-rs-albatross/commit/6454c26d966858c5520f55739a30b94c17656c85"
},
{
"name": "https://github.com/nimiq/core-rs-albatross/releases/tag/v1.2.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nimiq/core-rs-albatross/releases/tag/v1.2.2"
}
],
"source": {
"advisory": "GHSA-7wh6-rmxx-ww47",
"discovery": "UNKNOWN"
},
"title": "nimiq/core-rs-albatross\u0027s nimiq-blockchain missing proposal body root verification"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-28402",
"datePublished": "2026-02-27T21:08:53.573Z",
"dateReserved": "2026-02-27T15:33:57.289Z",
"dateUpdated": "2026-03-03T20:31:59.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26928 (GCVE-0-2026-26928)
Vulnerability from cvelistv5 – Published: 2026-04-02 14:01 – Updated: 2026-04-02 14:21- CWE-354 - Improper Validation of Integrity Check Value
| URL | Tags |
|---|---|
| https://cert.pl/posts/2026/04/CVE-2026-26927 | third-party-advisory |
| https://www.elektronicznypodpis.pl/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| Krajowa Izba Rozliczeniowa | SzafirHost |
Affected:
0 , < 1.1.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26928",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:21:35.804676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:21:50.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SzafirHost",
"vendor": "Krajowa Izba Rozliczeniowa",
"versions": [
{
"lessThan": "1.1.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Micha\u0142 Leszczy\u0144ski"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SzafirHost\u0026nbsp;downloads necessary files in the context of the \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003einitiating web page.\u003c/span\u003e\u0026nbsp;When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed by the vendor. The application doesn\u0027t verify hash or vendor\u0027s digital signature of uploaded\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDLL, SO, JNILIB or DYLIB\u003c/span\u003e file. The attacker can provide malicious file which will be saved in users /temp folder\u0026nbsp;\u003cspan style=\"background-color: rgba(221, 223, 228, 0.04);\"\u003eand executed by the application.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003eThis issue was fixed in version 1.1.0."
}
],
"value": "SzafirHost\u00a0downloads necessary files in the context of the initiating web page.\u00a0When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed by the vendor. The application doesn\u0027t verify hash or vendor\u0027s digital signature of uploaded\u00a0DLL, SO, JNILIB or DYLIB file. The attacker can provide malicious file which will be saved in users /temp folder\u00a0and executed by the application.\n\nThis issue was fixed in version 1.1.0."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354 Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:01:42.262Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2026/04/CVE-2026-26927"
},
{
"tags": [
"product"
],
"url": "https://www.elektronicznypodpis.pl/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Lack of Dynamic Library Validation in SzafirHost",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-26928",
"datePublished": "2026-04-02T14:01:42.262Z",
"dateReserved": "2026-02-16T09:01:03.143Z",
"dateUpdated": "2026-04-02T14:21:50.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26275 (GCVE-0-2026-26275)
Vulnerability from cvelistv5 – Published: 2026-02-19 21:25 – Updated: 2026-02-20 15:42| URL | Tags |
|---|---|
| https://github.com/junkurihara/httpsig-rs/securit… | x_refsource_CONFIRM |
| https://github.com/junkurihara/httpsig-rs/pull/14 | x_refsource_MISC |
| https://github.com/junkurihara/httpsig-rs/pull/15 | x_refsource_MISC |
| https://github.com/junkurihara/httpsig-rs/commit/… | x_refsource_MISC |
| https://github.com/junkurihara/httpsig-rs/commit/… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| junkurihara | httpsig-rs |
Affected:
< 0.0.23
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T15:32:12.586184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T15:42:05.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "httpsig-rs",
"vendor": "junkurihara",
"versions": [
{
"status": "affected",
"version": "\u003c 0.0.23"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in `httpsig-hyper` prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust\u0027s `matches!` macro. Specifically, the comparison `if matches!(digest, _expected_digest)` treated `_expected_digest` as a pattern binding rather than a value comparison, resulting in unconditional success of the match expression. As a consequence, digest verification could incorrectly return success even when the computed digest did not match the expected value. Applications relying on Digest verification as part of HTTP message signature validation may therefore fail to detect message body modification. The severity depends on how the library is integrated and whether additional signature validation layers are enforced. This issue has been fixed in `httpsig-hyper` 0.0.23. The fix replaces the incorrect `matches!` usage with proper value comparison and additionally introduces constant-time comparison for digest verification as defense-in-depth. Regression tests have also been added to prevent reintroduction of this issue. Users are strongly advised to upgrade to the patched version. There is no reliable workaround without upgrading. Users who cannot immediately upgrade should avoid relying solely on Digest verification for message integrity and ensure that full HTTP message signature verification is enforced at the application layer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-697",
"description": "CWE-697: Incorrect Comparison",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T21:25:37.335Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/junkurihara/httpsig-rs/security/advisories/GHSA-7v42-g35v-xrch",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/junkurihara/httpsig-rs/security/advisories/GHSA-7v42-g35v-xrch"
},
{
"name": "https://github.com/junkurihara/httpsig-rs/pull/14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/junkurihara/httpsig-rs/pull/14"
},
{
"name": "https://github.com/junkurihara/httpsig-rs/pull/15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/junkurihara/httpsig-rs/pull/15"
},
{
"name": "https://github.com/junkurihara/httpsig-rs/commit/5533f596c650377e02f4aa9e3eb8dba591b87370",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/junkurihara/httpsig-rs/commit/5533f596c650377e02f4aa9e3eb8dba591b87370"
},
{
"name": "https://github.com/junkurihara/httpsig-rs/commit/65cbd19b395180a4bba09a89746c4b14ccb8d297",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/junkurihara/httpsig-rs/commit/65cbd19b395180a4bba09a89746c4b14ccb8d297"
}
],
"source": {
"advisory": "GHSA-7v42-g35v-xrch",
"discovery": "UNKNOWN"
},
"title": "httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-26275",
"datePublished": "2026-02-19T21:25:37.335Z",
"dateReserved": "2026-02-12T17:10:53.413Z",
"dateUpdated": "2026-02-20T15:42:05.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Ensure that the checksums present in messages are properly checked in accordance with the protocol specification before they are parsed and used.
CAPEC-145: Checksum Spoofing
An adversary spoofs a checksum message for the purpose of making a payload appear to have a valid corresponding checksum. Checksums are used to verify message integrity. They consist of some value based on the value of the message they are protecting. Hash codes are a common checksum mechanism. Both the sender and recipient are able to compute the checksum based on the contents of the message. If the message contents change between the sender and recipient, the sender and recipient will compute different checksum values. Since the sender's checksum value is transmitted with the message, the recipient would know that a modification occurred. In checksum spoofing an adversary modifies the message body and then modifies the corresponding checksum so that the recipient's checksum calculation will match the checksum (created by the adversary) in the message. This would prevent the recipient from realizing that a change occurred.
CAPEC-463: Padding Oracle Crypto Attack
An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.
CAPEC-75: Manipulating Writeable Configuration Files
Generally these are manually edited files that are not in the preview of the system administrators, any ability on the attackers' behalf to modify these files, for example in a CVS repository, gives unauthorized access directly to the application, the same as authorized users.