CVE search
361,540 resultsCVE-2026-6092LOWEncrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configuredEPSS 0.2%CVE-2026-6325LOWOut-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms listEPSS 0.2%CVE-2026-6329MEDIUMPKCS#12 MAC verification uses attacker-controlled comparison lengthEPSS 0.2%CVE-2026-6330MEDIUMML-KEM ARM64 NEON ciphertext comparison only compares half of the inputEPSS 0.1%CVE-2026-40702CRITICALEVoke Systems EVoke CSMS Missing Authentication for Critical FunctionEPSS 0.4%CVE-2026-50176HIGHEVoke Systems EVoke CSMS Improper Restriction of Excessive Authentication AttemptsEPSS 0.4%CVE-2026-11800HIGHOrg.keycloak:keycloak-services: keycloak: authentication bypass via jwt algorithm confusionEPSS 0.2%CVE-2026-54479MEDIUMEVoke Systems EVoke CSMS Insufficient Session ExpirationEPSS 0.2%CVE-2026-6331LOWHMAC zero-length tag forgery in EVP_DigestVerifyFinalEPSS 0.1%CVE-2026-44622MEDIUMEVoke Systems EVoke CSMS Insufficiently Protected CredentialsEPSS 0.2%CVE-2026-56445HIGHpydicom pynetdicom Library Path TraversalEPSS 0.4%CVE-2026-12473HIGHOHIF Viewers DICOM Server-Side request forgeryEPSS 0.2%CVE-2026-6412LOWContinued acceptance of SHA-1/MD5 digests in certificate processingEPSS 0.1%CVE-2026-6450LOWCRL critical extension bypass in ParseCRL_ExtensionsEPSS 0.2%CVE-2026-6678LOWInteger underflow in wc_PKCS7_DecryptOri handling crafted Other Recipient InfoEPSS 0.2%CVE-2026-6679HIGHDTLS 1.3 ACK serialization heap buffer overflow via integer truncationEPSS 0.4%CVE-2026-6681LOWPKCS#7 decode ignores caller output buffer size, writing past buffer boundsEPSS 0.3%CVE-2026-6731MEDIUMX.509 name constraint bypass via Subject CN treated as a DNS nameEPSS 0.1%CVE-2026-7531LOWUse-after-free in PQC hybrid key-share handlingEPSS 0.3%CVE-2026-10097HIGHML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static private-key recoveryEPSS 0.2%