Fallos del tipo CWE-325
52 resultadosCVE-2026-49440HIGHDeno: Miller-Rabin Primality Test Allows Zero RoundsEPSS 0.1%CVE-2026-41395HIGHOpenClaw < 2026.3.28 - Webhook Replay via Query Parameter Reordering in Plivo V3EPSS 0.1%CVE-2015-20112LOWRLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network.EPSS 0.1%CVE-2026-0420MEDIUMMissing TLS certificate validation in NETGEAR's ReadyCloud client appEPSS 0.1%CVE-2025-47383HIGHMissing Cryptographic Step in Data ModemEPSS 0.1%CVE-2026-6458MEDIUMAES-256-GCM Authentication Tag Does Not Cover First Ciphertext Blocks When AAD Is EmptyEPSS 0.1%CVE-2026-29142MEDIUMPlaintext secure-mail.htmlEPSS 0.1%CVE-2025-49600MEDIUMIn MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, EPSS 0.1%CVE-2025-5323MEDIUMfossasia open-event-server Mail Verification mail.py send_email_change_user_email reliance on obfuscation or encryption of security-relevant inputs without integrity checkingEPSS 0.1%CVE-2025-69418MEDIUMUnauthenticated/unencrypted trailing bytes with low-level OCB function callsEPSS 0.1%CVE-2025-59339MEDIUMThe Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync scriptEPSS 0.1%CVE-2026-9266HIGHA Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and contrEPSS 0.1%