Skip to main content

CWE-325

Missing Cryptographic Step

40 CVEs Avg CVSS 6.4 MITRE
0
CRITICAL
16
HIGH
22
MEDIUM
2
LOW
8
POC
0
KEV

Monthly

CVE-2026-58638 MEDIUM PATCH Exploit Likely This Month

Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

Authentication Bypass Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +14
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2026-55144 HIGH PATCH This Week

Local tampering in Windows CryptoAPI (Crypt32) on Windows 11 (24H2/25H2/26H1) and Windows Server 2022/2025 stems from a missing cryptographic step, letting an authenticated local attacker undermine the integrity and confidentiality of cryptographically protected data. Microsoft rates it 7.1 (High) with high confidentiality and integrity impact; there is no public exploit identified at time of analysis and it is not on the CISA KEV list. A vendor patch is available through the MSRC update guide.

Microsoft Information Disclosure Windows 11 Version 24H2 Windows 11 Version 25H2 Windows 11 Version 26H1 +3
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-6458 MEDIUM This Month

Broken GCM integrity in Caliptra Core Runtime Firmware 2.0.0-2.1.0 allows an adjacent, low-privileged attacker to silently tamper with ciphertext produced by the streaming AES-256-GCM API when called with empty AAD. The root defect - a missing save of the hardware GHASH accumulator state after the first streaming update call - causes the final authentication tag to exclude the first batch of processed ciphertext, nullifying the integrity guarantee of authenticated encryption for that block. No public exploit has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Core Runtime Firmware
NVD GitHub
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-49440 Cargo HIGH PATCH GHSA This Week

Cryptographic primality validation in Deno's Node.js compatibility layer (versions <= 2.8.0) silently skips Miller-Rabin testing when `crypto.checkPrime`/`checkPrimeSync` is called with default options, causing crafted composites whose smallest prime factor exceeds 17,863 (e.g. 17,881 × 17,891) to be reported as prime. Remote attackers who control bignums fed into a victim Deno application can therefore smuggle composite values past validation, with no public exploit identified at time of analysis beyond the vendor-published reproducer.

Information Disclosure Microsoft OpenSSL Node.js
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2026-9266 HIGH This Week

Disk encryption bypass in Moxa UC-1200A series industrial computers allows an attacker with invasive physical access to recover the LUKS disk encryption key by sniffing the SPI bus between the CPU and TPM2 chip. The flaw is an incomplete fix for CVE-2026-0714 - Moxa added TPM2 parameter encryption but misconfigured the authorization session so the encryption provides no real protection. No public exploit identified at time of analysis, and the CVSS 4.0 vector (AV:P) reflects that exploitation is bounded to attackers who can physically open the device.

Information Disclosure Uc 1200A Series
NVD VulDB
CVSS 4.0
7.0
EPSS
0.0%
CVE-2026-0420 MEDIUM PATCH This Month

TLS certificate validation failure in the ReadyCloud client app on multiple NETGEAR router models exposes confidential data to network interception. The app does not properly validate TLS certificates (CWE-325), enabling a network-positioned attacker to perform man-in-the-middle (MiTM) attacks against ReadyCloud communications. Affected models include the RAX35, RAX38, RAX40, RAX120v1, and RAX120v2 running firmware below the patched versions; no public exploit code exists and no active exploitation has been confirmed.

Information Disclosure Netgear Rax120V1 Rax120V2 Rax35 +2
NVD VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-42770 LOW PATCH Monitor

FFC-DH peer validation in OpenSSL incorrectly accepts an attacker-supplied `q` (subgroup order) parameter instead of using the locally trusted value, undermining the cryptographic integrity of Diffie-Hellman key exchange. Affected branches span OpenSSL 3.0.x, 3.4.x, 3.5.x, 3.6.x, and 4.0.0, with patched releases issued across all five branches on 2026-06-09. With a CVSS score of 3.7 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) and no confirmed active exploitation or public proof-of-concept, this is a moderate-priority patch item rather than an emergency response trigger - though its broad reach across widely deployed OpenSSL branches warrants timely remediation.

OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-45446 MEDIUM PATCH This Month

Incorrect authentication tag processing for empty messages in OpenSSL's AES-GCM-SIV and AES-SIV cipher modes enables network-positioned attackers to bypass integrity guarantees on empty ciphertext, yielding limited confidentiality and integrity violations (CVSS 4.8, CWE-325). Affected branches span OpenSSL 3.0.x through 4.0.0, all patched in the OpenSSL 4.0.1 security release dated 2026-06-09. No public exploit has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.

OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-45445 HIGH PATCH This Week

Confidentiality break in OpenSSL's AES-OCB implementation stems from the EVP_Cipher() code path ignoring the caller-supplied initialization vector (IV), causing the cipher to operate with a fixed/default IV instead. Affected branches include 3.0.x prior to 3.0.21, 3.4.x prior to 3.4.6, 3.5.x prior to 3.5.7, 3.6.x prior to 3.6.3, and 4.0.0, fixed in OpenSSL 4.0.1 and corresponding maintenance releases. With no public exploit identified at time of analysis and no CISA KEV listing, the issue is rated High (CVSS 7.5) due to high confidentiality impact via network-reachable cryptographic operations.

OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-48480 Maven MEDIUM POC PATCH GHSA This Month

Truncation of chunked Oblivious HTTP (OHTTP) streams in netty-incubator-codec-ohttp prior to 0.0.22.Final silently passes partial, cryptographically-incomplete messages to the receiving application with no decryption error or exception. An on-path adversary - the OHTTP relay itself or a MITM on the relay↔gateway or relay↔client transport - can cut a legitimate chunked-OHTTP message at any non-final chunk boundary and cleanly close the outer HTTP body, bypassing the cryptographic integrity guarantee the final-chunk marker is designed to provide. No public exploit is identified (CVSS E:U) and no CISA KEV listing exists, but the integrity impact is rated High (VI:H) given that receivers silently accept and may act on structurally incomplete messages.

Information Disclosure Java
NVD GitHub VulDB
CVSS 4.0
6.6
EPSS
0.0%
EPSS 0% CVSS 6.0
MEDIUM PATCH Exploit Likely This Month

Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

Authentication Bypass Microsoft Windows 10 Version 1809 +16
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Local tampering in Windows CryptoAPI (Crypt32) on Windows 11 (24H2/25H2/26H1) and Windows Server 2022/2025 stems from a missing cryptographic step, letting an authenticated local attacker undermine the integrity and confidentiality of cryptographically protected data. Microsoft rates it 7.1 (High) with high confidentiality and integrity impact; there is no public exploit identified at time of analysis and it is not on the CISA KEV list. A vendor patch is available through the MSRC update guide.

Microsoft Information Disclosure Windows 11 Version 24H2 +5
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Broken GCM integrity in Caliptra Core Runtime Firmware 2.0.0-2.1.0 allows an adjacent, low-privileged attacker to silently tamper with ciphertext produced by the streaming AES-256-GCM API when called with empty AAD. The root defect - a missing save of the hardware GHASH accumulator state after the first streaming update call - causes the final authentication tag to exclude the first batch of processed ciphertext, nullifying the integrity guarantee of authenticated encryption for that block. No public exploit has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Core Runtime Firmware
NVD GitHub
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Cryptographic primality validation in Deno's Node.js compatibility layer (versions <= 2.8.0) silently skips Miller-Rabin testing when `crypto.checkPrime`/`checkPrimeSync` is called with default options, causing crafted composites whose smallest prime factor exceeds 17,863 (e.g. 17,881 × 17,891) to be reported as prime. Remote attackers who control bignums fed into a victim Deno application can therefore smuggle composite values past validation, with no public exploit identified at time of analysis beyond the vendor-published reproducer.

Information Disclosure Microsoft OpenSSL +1
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Week

Disk encryption bypass in Moxa UC-1200A series industrial computers allows an attacker with invasive physical access to recover the LUKS disk encryption key by sniffing the SPI bus between the CPU and TPM2 chip. The flaw is an incomplete fix for CVE-2026-0714 - Moxa added TPM2 parameter encryption but misconfigured the authorization session so the encryption provides no real protection. No public exploit identified at time of analysis, and the CVSS 4.0 vector (AV:P) reflects that exploitation is bounded to attackers who can physically open the device.

Information Disclosure Uc 1200A Series
NVD VulDB
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

TLS certificate validation failure in the ReadyCloud client app on multiple NETGEAR router models exposes confidential data to network interception. The app does not properly validate TLS certificates (CWE-325), enabling a network-positioned attacker to perform man-in-the-middle (MiTM) attacks against ReadyCloud communications. Affected models include the RAX35, RAX38, RAX40, RAX120v1, and RAX120v2 running firmware below the patched versions; no public exploit code exists and no active exploitation has been confirmed.

Information Disclosure Netgear Rax120V1 +4
NVD VulDB
EPSS 0% CVSS 3.7
LOW PATCH Monitor

FFC-DH peer validation in OpenSSL incorrectly accepts an attacker-supplied `q` (subgroup order) parameter instead of using the locally trusted value, undermining the cryptographic integrity of Diffie-Hellman key exchange. Affected branches span OpenSSL 3.0.x, 3.4.x, 3.5.x, 3.6.x, and 4.0.0, with patched releases issued across all five branches on 2026-06-09. With a CVSS score of 3.7 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) and no confirmed active exploitation or public proof-of-concept, this is a moderate-priority patch item rather than an emergency response trigger - though its broad reach across widely deployed OpenSSL branches warrants timely remediation.

OpenSSL Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Incorrect authentication tag processing for empty messages in OpenSSL's AES-GCM-SIV and AES-SIV cipher modes enables network-positioned attackers to bypass integrity guarantees on empty ciphertext, yielding limited confidentiality and integrity violations (CVSS 4.8, CWE-325). Affected branches span OpenSSL 3.0.x through 4.0.0, all patched in the OpenSSL 4.0.1 security release dated 2026-06-09. No public exploit has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.

OpenSSL Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Confidentiality break in OpenSSL's AES-OCB implementation stems from the EVP_Cipher() code path ignoring the caller-supplied initialization vector (IV), causing the cipher to operate with a fixed/default IV instead. Affected branches include 3.0.x prior to 3.0.21, 3.4.x prior to 3.4.6, 3.5.x prior to 3.5.7, 3.6.x prior to 3.6.3, and 4.0.0, fixed in OpenSSL 4.0.1 and corresponding maintenance releases. With no public exploit identified at time of analysis and no CISA KEV listing, the issue is rated High (CVSS 7.5) due to high confidentiality impact via network-reachable cryptographic operations.

OpenSSL Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 6.6
MEDIUM POC PATCH This Month

Truncation of chunked Oblivious HTTP (OHTTP) streams in netty-incubator-codec-ohttp prior to 0.0.22.Final silently passes partial, cryptographically-incomplete messages to the receiving application with no decryption error or exception. An on-path adversary - the OHTTP relay itself or a MITM on the relay↔gateway or relay↔client transport - can cut a legitimate chunked-OHTTP message at any non-final chunk boundary and cleanly close the outer HTTP body, bypassing the cryptographic integrity guarantee the final-chunk marker is designed to provide. No public exploit is identified (CVSS E:U) and no CISA KEV listing exists, but the integrity impact is rated High (VI:H) given that receivers silently accept and may act on structurally incomplete messages.

Information Disclosure Java
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy