Skip to main content

CWE-1068

Inconsistency Between Implementation and Documented Design

2 CVEs Avg CVSS 6.6 MITRE
0
CRITICAL
1
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2026-8149 Maven MEDIUM PATCH This Month

Availability degradation in Bouncy Castle BC-FJA cryptographic library versions 2.1.0 through 2.1.2 on Linux X86_64 systems with AVX or AVX-512f SIMD extensions affects GCM-128 and GCM-512 operations, allowing local attackers to cause denial of service without authentication. The vulnerability is associated with optimized assembly implementations (gcm128w, gcm512w) and results in availability impact with no confidentiality or integrity compromise. No public exploit code or active exploitation has been identified at time of analysis.

Information Disclosure Bc Fja
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-48905 HIGH This Week

WebAssembly exception handling vulnerability in the arkweb v8 module that prevents proper capture of specific Wasm exception types, potentially allowing attackers to bypass security controls or trigger unexpected application behavior. The vulnerability affects arkweb's V8 integration layer and requires network access but high attack complexity to exploit. While the CVSS score of 8.1 indicates high severity with potential impacts to confidentiality, integrity, and availability, real-world exploitability depends on whether active exploitation or proof-of-concept code exists.

Information Disclosure Harmonyos
NVD
CVSS 3.1
8.1
EPSS
0.0%
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Availability degradation in Bouncy Castle BC-FJA cryptographic library versions 2.1.0 through 2.1.2 on Linux X86_64 systems with AVX or AVX-512f SIMD extensions affects GCM-128 and GCM-512 operations, allowing local attackers to cause denial of service without authentication. The vulnerability is associated with optimized assembly implementations (gcm128w, gcm512w) and results in availability impact with no confidentiality or integrity compromise. No public exploit code or active exploitation has been identified at time of analysis.

Information Disclosure Bc Fja
NVD GitHub VulDB
EPSS 0% CVSS 8.1
HIGH This Week

WebAssembly exception handling vulnerability in the arkweb v8 module that prevents proper capture of specific Wasm exception types, potentially allowing attackers to bypass security controls or trigger unexpected application behavior. The vulnerability affects arkweb's V8 integration layer and requires network access but high attack complexity to exploit. While the CVSS score of 8.1 indicates high severity with potential impacts to confidentiality, integrity, and availability, real-world exploitability depends on whether active exploitation or proof-of-concept code exists.

Information Disclosure Harmonyos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy