Skip to main content

Cryptx

3 CVEs product

Monthly

CVE-2026-13758 LOW PATCH Monitor

Non-constant-time AEAD authentication tag comparison in CryptX before 0.088_001 for Perl exposes a timing oracle in the streaming decrypt_done path, enabling authentication tag forgery across five AEAD cipher modes: GCM, CCM, ChaCha20Poly1305, EAX, and OCB. An attacker who can submit many candidate tags for a fixed nonce and ciphertext while precisely measuring response timing can recover the expected tag byte-by-byte and forge authenticated messages. No public exploit code exists and CISA has not listed this in KEV; EPSS is 0.23% (13th percentile), consistent with SSVC's 'Exploitation: none' rating at time of disclosure.

Oracle Information Disclosure Cryptx
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.2%
CVE-2026-41565 HIGH PATCH This Week

Denial-of-service via stack buffer overflow in CryptX (Perl cryptography module) versions before 0.088_001 affects four AEAD decryption helpers that copy attacker-controlled authentication tags into a fixed 144-byte stack buffer without bounds checking. Remote attackers can crash any Perl application that passes untrusted tags to gcm_decrypt_verify, ccm_decrypt_verify, chacha20poly1305_decrypt_verify, or eax_decrypt_verify, resulting in process termination. No public exploit identified at time of analysis, and EPSS scoring (0.04%, 13th percentile) reflects low expected exploitation activity despite the network attack vector.

Buffer Overflow Stack Overflow Cryptx Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41564 HIGH PATCH This Week

PRNG state reuse across forked processes in CryptX for Perl allows remote attackers to recover private signing keys through cryptographic nonce-reuse attacks. When Crypt::PK objects are created before fork() in preforking web servers like Starman, every child process inherits identical PRNG state, causing duplicate randomness in cryptographic operations. Two ECDSA or DSA signatures generated by different worker processes are sufficient to mathematically recover the private key. EPSS exploitation probability is low (0.02%), but CISA SSVC framework confirms proof-of-concept availability and automatable exploitation. Vendor patch released in CryptX 0.088.

Information Disclosure Cryptx
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Non-constant-time AEAD authentication tag comparison in CryptX before 0.088_001 for Perl exposes a timing oracle in the streaming decrypt_done path, enabling authentication tag forgery across five AEAD cipher modes: GCM, CCM, ChaCha20Poly1305, EAX, and OCB. An attacker who can submit many candidate tags for a fixed nonce and ciphertext while precisely measuring response timing can recover the expected tag byte-by-byte and forge authenticated messages. No public exploit code exists and CISA has not listed this in KEV; EPSS is 0.23% (13th percentile), consistent with SSVC's 'Exploitation: none' rating at time of disclosure.

Oracle Information Disclosure Cryptx
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial-of-service via stack buffer overflow in CryptX (Perl cryptography module) versions before 0.088_001 affects four AEAD decryption helpers that copy attacker-controlled authentication tags into a fixed 144-byte stack buffer without bounds checking. Remote attackers can crash any Perl application that passes untrusted tags to gcm_decrypt_verify, ccm_decrypt_verify, chacha20poly1305_decrypt_verify, or eax_decrypt_verify, resulting in process termination. No public exploit identified at time of analysis, and EPSS scoring (0.04%, 13th percentile) reflects low expected exploitation activity despite the network attack vector.

Buffer Overflow Stack Overflow Cryptx +2
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

PRNG state reuse across forked processes in CryptX for Perl allows remote attackers to recover private signing keys through cryptographic nonce-reuse attacks. When Crypt::PK objects are created before fork() in preforking web servers like Starman, every child process inherits identical PRNG state, causing duplicate randomness in cryptographic operations. Two ECDSA or DSA signatures generated by different worker processes are sufficient to mathematically recover the private key. EPSS exploitation probability is low (0.02%), but CISA SSVC framework confirms proof-of-concept availability and automatable exploitation. Vendor patch released in CryptX 0.088.

Information Disclosure Cryptx
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy