VYPR

CWE-347

Improper Verification of Cryptographic Signature

Base · Draft

Description

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-463 · CAPEC-475

CVEs mapped to this weakness (357)

page 11 of 18
  • CVE-2026-7689 · Low · May 3, 2026
    risk 0.24 · cvss 3.7 · epss 0.00

    A security flaw has been discovered in Dolibarr ERP CRM up to 23.0.2. This vulnerability affects the function dol_verifyHash in the library htdocs/core/lib/security.lib.php of the component Online Signature Module. The manipulation results in improper verification of…

  • CVE-2026-4115 · Low · Mar 22, 2026
    risk 0.24 · cvss 3.7 · epss 0.01

    A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verify of the file crypto/ecc-ssh.c of the component Ed25519 Signature Handler. The manipulation results in improper verification of cryptographic signature. The attack may be performed from remote. The…

  • CVE-2026-3706 · Low · Mar 8, 2026
    risk 0.24 · cvss 3.7 · epss 0.00

    A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The…

  • CVE-2025-15598 · Low · Mar 3, 2026
    risk 0.24 · cvss 3.7 · epss 0.00

    A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function validateEmbedded of the file backend/apps/system/middleware/auth.py of the component JWT Token Handler. Performing a manipulation results in improper verification of cryptographic signature. The…

  • CVE-2026-2968 · Low · Feb 23, 2026
    risk 0.24 · cvss 3.7 · epss 0.00

    A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature.…

  • CVE-2025-8556 · Low · Aug 6, 2025
    risk 0.24 · cvss 3.7 · epss 0.00

    A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

  • CVE-2023-0657 · Low · Nov 17, 2024
    risk 0.22 · cvss 3.4 · epss 0.00

    A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.

  • CVE-2016-9604 · Med · Jul 11, 2018
    risk 0.22 · cvss 4.4 · epss 0.00

    It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by…

  • CVE-2025-43522 · Low · Dec 12, 2025
    risk 0.21 · cvss 3.3 · epss 0.00

    A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data.

  • CVE-2025-64787 · Low · Dec 9, 2025
    risk 0.21 · cvss 3.3 · epss 0.00

    Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this…

  • CVE-2025-64786 · Low · Dec 9, 2025
    risk 0.21 · cvss 3.3 · epss 0.00

    Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this…

  • CVE-2020-36843 · Med · Mar 13, 2025
    risk 0.21 · cvss 4.3 · epss 0.00

    The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Attacks) property. This allows attackers to create new valid signatures different…

  • CVE-2024-52813 · Med · Jan 7, 2025
    risk 0.21 · cvss 4.3 · epss 0.00

    matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptographic identity has changed from a verified to an unverified one, which could cause…

  • CVE-2026-6873 · Low · Jun 3, 2026
    risk 0.20 · cvss 3.1 · epss 0.00

    An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injective salt derivation (concatenating the cookie name and salt argument), which allows a remote attacker to use a cookie in a context…

  • CVE-2026-39413 · Med · Apr 8, 2026
    risk 0.20 · cvss 4.2 · epss 0.00

    LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode() call does not explicitly…

  • CVE-2026-1190 · Low · Jan 26, 2026
    risk 0.20 · cvss 3.1 · epss 0.00

    A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it fails to validate the `NotOnOrAfter` timestamp within the `SubjectConfirmationData`. This allows an attacker to delay the…

  • CVE-2026-41694 · Low · Jun 10, 2026
    risk 0.17 · cvss 3.7 · epss 0.00

    Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions:…

  • CVE-2026-6986 · Low · Apr 25, 2026
    risk 0.17 · cvss 3.7 · epss 0.00

    A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic…

  • CVE-2024-51744 · Low · Nov 4, 2024
    risk 0.13 · cvss 3.1 · epss 0.01

    golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to a situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors…

  • CVE-2026-4541 · Low · Mar 22, 2026
    risk 0.09 · cvss 2.5 · epss 0.00

    A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is…