Skip to main content

Java CVE-2026-5598

| EUVDEUVD-2026-22872 HIGH
Covert Timing Channel (CWE-385)
2026-04-15 bcorg GHSA-p93r-85wp-75v3
8.9
CVSS 4.0 · Vendor: bcorg
Share

Severity by source

Vendor (bcorg) PRIMARY
8.9 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:X/V:X/RE:X/U:Red
SUSE
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Red Hat
7.5 HIGH
qualitative

Primary rating from Vendor (bcorg).

CVSS VectorVendor: bcorg

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:X/V:X/RE:X/U:Red
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
P

Lifecycle Timeline

11
Patch released
Apr 21, 2026 - 16:16 nvd
Patch available
Severity Changed
Apr 21, 2026 - 15:22 NVD
CRITICAL HIGH
CVSS changed
Apr 21, 2026 - 15:22 NVD
10.0 (CRITICAL) 8.9 (HIGH)
Re-analysis Queued
Apr 17, 2026 - 15:52 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 05:34 vuln.today
v2 (patch_released)
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
1.84
Analysis Generated
Apr 15, 2026 - 12:38 vuln.today
EUVD ID Assigned
Apr 15, 2026 - 09:30 euvd
EUVD-2026-22872
Analysis Generated
Apr 15, 2026 - 09:30 vuln.today
CVE Published
Apr 15, 2026 - 09:05 nvd
HIGH 8.9

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 5 maven packages depend on org.bouncycastle:bcprov-jdk14 (2 direct, 3 indirect)
  • 295 maven packages depend on org.bouncycastle:bcprov-jdk15to18 (58 direct, 240 indirect)
  • 4,153 maven packages depend on org.bouncycastle:bcprov-jdk18on (622 direct, 3,538 indirect)

Ecosystem-wide dependent count for version 1.81 and other introduced versions.

DescriptionCVE.org

Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). Non-constant time comparisons risk private key leakage in FrodoKEM.

This issue affects BC-JAVA: from 2.17.3 before 1.84.

AnalysisAI

Non-constant time comparison operations in the Legion of the Bouncy Castle BC-JAVA cryptographic library (core modules, versions 2.17.3 through 1.83) expose FrodoKEM private keys to timing side-channel attacks, enabling remote unauthenticated attackers to extract cryptographic secrets through statistical analysis of operation timing variations. CVSS 4.0 score of 10.0 reflects maximum confidentiality and integrity impact across system and subsequent contexts. EPSS probability is low (0.04%, 14th percentile) and no active exploitation is confirmed, but SSVC framework rates this as automatable with total technical impact. Vendor patch available in BC-JAVA 1.84.

Technical ContextAI

This vulnerability affects the FrodoKEM post-quantum cryptographic implementation in Bouncy Castle's BC-JAVA library. FrodoKEM is a lattice-based Key Encapsulation Mechanism (KEM) selected for NIST post-quantum cryptography standardization. The flaw (CWE-385: Covert Timing Channel) stems from non-constant time comparison operations during cryptographic computations. Constant-time implementations are critical in cryptography because branching or conditional operations based on secret values cause measurable timing variations. Attackers can perform statistical timing analysis across thousands of operations to deduce bits of the private key. Bouncy Castle BC-JAVA is a widely-deployed Java cryptography provider used for SSL/TLS, code signing, and encrypted communications. The affected CPE (cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bc-java) encompasses all core modules from version 2.17.3 up to but not including 1.84, though the version range notation appears inconsistent and should be verified against the vendor advisory.

RemediationAI

Upgrade BC-JAVA to version 1.84 or later, which contains vendor-released patches addressing the non-constant time comparison operations in FrodoKEM. Refer to the vendor security advisory at https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598 for specific upgrade guidance and release notes. For environments where immediate patching is not feasible, implement network-level timing jitter by deploying reverse proxies or load balancers that normalize response times, though this mitigation is incomplete as local network timing may still leak information. Consider temporarily disabling FrodoKEM cipher suites in TLS configurations if the post-quantum algorithm is not operationally required, reverting to classical ECDHE key exchange; this workaround eliminates post-quantum forward secrecy protections. Monitor cryptographic operations for unusual patterns of repeated connection attempts from single sources, which may indicate timing analysis attacks in progress. Prioritize patching for systems handling high-value cryptographic operations or exposed to nation-state threat actors.

More in Java

View all
CVE-2012-4681 CRITICAL POC
9.8 Aug 28

Oracle Java SE 7 Update 6 and earlier contains multiple sandbox bypass vulnerabilities via the ClassFinder and forName m

CVE-2015-7450 CRITICAL POC
9.8 Jan 02

Remote code execution in IBM Sterling B2B Integrator, Sterling Integrator, and Tivoli Common Reporting allows unauthenti

CVE-2013-2465 CRITICAL POC
9.8 Jun 18

Java Runtime Environment sandbox bypass via incorrect image channel verification in 2D component allows remote unauthent

CVE-2011-3544 CRITICAL POC
9.8 Oct 19

Oracle Java SE JDK/JRE 7 and 6 Update 27 and earlier allows remote code execution with complete system compromise throug

CVE-2010-1871 HIGH POC
8.8 Aug 05

JBoss Seam 2 in Red Hat JBoss EAP 4.3.0 fails to sanitize JBoss Expression Language inputs, allowing remote attackers to

CVE-2012-1723 CRITICAL POC
9.8 Jun 16

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 up

CVE-2013-0422 CRITICAL POC
9.8 Jan 10

Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using

CVE-2012-0507 CRITICAL POC
9.8 Jun 07

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Up

CVE-2015-4852 CRITICAL POC
9.8 Nov 18

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers

CVE-2012-5076 CRITICAL POC
9.8 Oct 16

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow

CVE-2017-3066 CRITICAL POC
9.8 Apr 27

Remote unauthenticated attackers can execute arbitrary code on Adobe ColdFusion servers through Java deserialization fla

CVE-2012-0391 CRITICAL POC
9.8 Jan 08

The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS Affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS Affected
SUSE Linux Enterprise Module for Development Tools 15 SP7 Affected

Share

CVE-2026-5598 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy