CWE-325

Missing Cryptographic Step

Abstraction: Base; Status: Draft

Description

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-68

CVEs mapped to this weakness (34)

page 1 of 2
  • CVE-2024-53441 (Critical, Dec 9, 2024)
    risk 0.59, CVSS 9.1, EPSS 0.00

    An issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack.

  • CVE-2026-4601 (High, Mar 23, 2026)
    risk 0.50, CVSS 8.7, EPSS 0.00

    Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an…

  • CVE-2025-30147 (High, May 7, 2025)
    risk 0.50, CVSS n/a, EPSS 0.00

    Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles…

  • CVE-2026-9266 (High, Jun 12, 2026)
    risk 0.45, CVSS n/a, EPSS 0.00

    A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a…

  • CVE-2018-5383 (Medium, Aug 7, 2018)
    risk 0.44, CVSS 6.8, EPSS 0.01

    Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a…

  • CVE-2026-45445 (High, Jun 9, 2026)
    risk 0.42, CVSS 7.5, EPSS 0.00

    Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce…

  • CVE-2026-41395 (High, Apr 28, 2026)
    risk 0.42, CVSS 7.5, EPSS 0.00

    OpenClaw before 2026.3.28 contains a webhook replay vulnerability in Plivo V3 signature verification that canonicalizes query ordering for signatures but hashes raw URLs for replay detection. Attackers can reorder query parameters to bypass replay cache detection and trigger…

  • CVE-2026-4258 (High, Mar 17, 2026)
    risk 0.42, CVSS 7.5, EPSS 0.00

    All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.ecc.basicKey.publicKey(). An attacker can recover a victim's ECDH private key by sending crafted off-curve public keys and…

  • CVE-2021-22946 (High, Sep 29, 2021)
    risk 0.42, CVSS 7.5, EPSS 0.04

    A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or `CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` with libcurl). This requirement could be bypassed…

  • CVE-2026-49440 (High, Jun 16, 2026)
    risk 0.38, CVSS n/a, EPSS 0.00

    Summary: `node:crypto.checkPrime(candidate[, options][, callback])` and `crypto.checkPrimeSync(candidate[, options])` ran no Miller-Rabin rounds at all when the caller left `options.checks` at its default of `0`. In that mode, the only test applied to the candidate was trial…

  • CVE-2016-9574 (Medium, Jul 19, 2018)
    risk 0.38, CVSS 5.9, EPSS 0.01

    nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.

  • CVE-2026-48480 (Medium, Jun 4, 2026)
    risk 0.36, CVSS n/a, EPSS 0.00

    The netty incubator codec.bhttp is a Java language binary HTTP parser. Prior to version 0.0.22.Final, the codec-ohttp implementation of draft-ietf-ohai-chunked-ohttp does not verify that a cryptographically-signed final chunk was received before the outer HTTP body terminates.…

  • CVE-2026-29142 (Medium, Apr 2, 2026)
    risk 0.34, CVSS 5.3, EPSS 0.00

    SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email.

  • CVE-2025-58359 (Medium, Sep 5, 2025)
    risk 0.32, CVSS n/a, EPSS 0.00

    ZF FROST is a Rust implementation of FROST (Flexible Round-Optimised Schnorr Threshold signatures). In versions 2.0.0 through 2.1.0, refresh shares with smaller min_signers will reduce security of group. The inability to change min_signers (i.e. the threshold) with the refresh…

  • CVE-2025-49600 (Medium, Jul 4, 2025)
    risk 0.32, CVSS 4.9, EPSS 0.00

    In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in mbedtls_lms_verify allow an…

  • CVE-2026-0420 (Medium, Jun 9, 2026)
    risk 0.30, CVSS n/a, EPSS 0.00

    An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting the product's confidentiality. This vulnerability affects the listed…

  • CVE-2025-69418 (Medium, Jan 27, 2026)
    risk 0.26, CVSS 4.0, EPSS 0.00

    Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15…

  • CVE-2026-45446 (Medium, Jun 9, 2026)
    risk 0.24, CVSS 4.8, EPSS 0.00

    Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with…

  • CVE-2025-5323 (Low, May 29, 2025)
    risk 0.24, CVSS 3.7, EPSS 0.00

    A vulnerability, which was classified as problematic, has been found in fossasia open-event-server 1.19.1. This issue affects the function send_email_change_user_email of the file /fossasia/open-event-server/blob/development/app/api/helpers/mail.py of the component Mail…

  • CVE-2025-59339 (Medium, Sep 17, 2025)
    risk 0.22, CVSS 4.4, EPSS 0.00

    The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files may be handled by the provided osh-encrypt-rsync script, a helper that rotates, encrypts, signs, copies, and optionally moves them to a remote…