VYPR

Liboqs

by Open Quantum Safe

Source repositories

CVEs (7)

  • CVE-2024-31510CriMay 24, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component.

  • CVE-2026-46344MedMay 29, 2026
    risk 0.27cvss 5.3epss 0.00

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called…

  • CVE-2026-44518MedMay 29, 2026
    risk 0.27cvss 5.3epss 0.00

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called…

  • CVE-2025-52473MedJul 10, 2025
    risk 0.00cvss 5.9epss 0.00

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for…

  • CVE-2025-48946LowMay 30, 2025
    risk 0.00cvss 3.7epss 0.00

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. liboqs prior to version 0.13.0 supports the HQC algorithm, an algorithm with a theoretical design flaw which leads to large numbers of malformed ciphertexts…

  • CVE-2024-54137HigDec 6, 2024
    risk 0.00cvss 7.4epss 0.00

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is…

  • CVE-2024-36405MedJun 10, 2024
    risk 0.00cvss 5.9epss 0.01

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for…