Falhas do tipo CWE-347
473 resultadosCVE-2026-25793HIGHNebula Has Possible Blocklist Bypass via ECDSA Signature MalleabilityEPSS 0.1%CVE-2026-41005CRITICALUAA accepts SAML Encrypted Assertions authentication bypassEPSS 0.1%CVE-2022-25333HIGHFlawed SK_LOAD module authenticity check in Texas Instruments OMAP L138EPSS 0.1%CVE-2026-34240HIGHjose vulnerable to untrusted JWK header key acceptance during signature verificationEPSS 0.1%CVE-2023-41744HIGHLocal privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS) befEPSS 0.1%CVE-2024-5912MEDIUMCortex XDR Agent: Improper File Signature Verification ChecksEPSS 0.1%CVE-2025-68925MEDIUMJervis has a JWT Algorithm Confusion VulnerabilityEPSS 0.1%CVE-2022-2790MEDIUMEmerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature,EPSS 0.1%CVE-2026-32294HIGHJetKVM insufficient firmware verificationEPSS 0.1%CVE-2026-48523MEDIUMPyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keysEPSS 0.1%CVE-2026-42193CRITICALPlunk: SNS webhook forgeryEPSS 0.1%CVE-2024-47476HIGHDell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthEPSS 0.1%CVE-2024-23460MEDIUMIncorrect signature validation of packageEPSS 0.1%CVE-2025-43521MEDIUMA downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS EPSS 0.1%CVE-2025-64186HIGHEvervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted EnclavesEPSS 0.1%CVE-2025-43390MEDIUMA downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS EPSS 0.1%CVE-2026-33467MEDIUMImproper Verification of Cryptographic Signature in Elastic Package Registry Leading to Package Integrity BypassEPSS 0.1%CVE-2024-38807MEDIUMCVE-2024-38807: Signature Forgery Vulnerability in Spring Boot's LoaderEPSS 0.1%CVE-2026-27445MEDIUMPGP Signature ReflectionEPSS 0.1%CVE-2023-40727HIGHA vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application uses weak oEPSS 0.1%