Export limit exceeded: 361694 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (3 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-12205 1 Timlegge 1 Crypt::dsa 2026-06-17 9.1 Critical
Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign() on a Key object picks a nonce, and every later sign() on that same object reuses it, producing an identical "r". Keys used to sign more than once with an affected version should be considered compromised.
CVE-2026-8704 1 Timlegge 1 Crypt::dsa 2026-05-18 6.5 Medium
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
CVE-2026-8700 1 Timlegge 1 Crypt::dsa 2026-05-18 7.3 High
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.