| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-3505 | Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion. | Legion of the Bouncy Castle Inc. | BC-JAVA | 中危 | - | 2026-04-15 09:06:38 | Deep Dive |
| CVE-2026-5588 | PKIX draft CompositeVerifier accepts empty signature sequence as valid. | Legion of the Bouncy Castle Inc. | BC-JAVA | 中危 | - | 2026-04-15 09:06:16 | Deep Dive |
| CVE-2026-5598 | Non-constant time comparisons risk private key leakage in FrodoKEM. | Legion of the Bouncy Castle Inc. | BC-JAVA | 中危 | - | 2026-04-15 09:05:56 | Deep Dive |
| CVE-2026-0636 | LDAP Injection Vulnerability in LDAPStoreHelper.java | Legion of the Bouncy Castle Inc. | BC-JAVA | 中危 | - | 2026-04-15 08:59:13 | Deep Dive |
| CVE-2025-14813 | GOSTCTR implementation unable to process more than 255 blocks correctly | Legion of the Bouncy Castle Inc. | BC-JAVA | 中危 | - | 2026-04-15 08:56:34 | Deep Dive |
| CVE-2025-12194 | Bouncy Castle Java 安全漏洞 | Legion of the Bouncy Castle Inc. | Bouncy Castle for Java FIPS | 中危 | - | 2025-10-24 22:51:37 | Deep Dive |
| CVE-2025-9340 | native encrypt/decrypt operations in JCE may corrupt data if same byte array used for input and output. | Legion of the Bouncy Castle Inc. | Bouncy Castle for Java | - | - | 2025-08-22 09:39:47 | Deep Dive |
| CVE-2025-9341 | Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion | Legion of the Bouncy Castle Inc. | Bouncy Castle for Java FIPS | - | - | 2025-08-22 09:09:17 | Deep Dive |
| CVE-2025-9092 | Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion | Legion of the Bouncy Castle Inc. | Bouncy Castle for Java - BC-FJA 2.1.0 | - | - | 2025-08-16 10:29:59 | Deep Dive |
| CVE-2025-8916 | Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer | Legion of the Bouncy Castle Inc. | BC Java | 中危 | - | 2025-08-13 09:31:21 | Deep Dive |
| CVE-2025-8885 | Possible DOS in processing specially formed ASN.1 Object Identifiers | Legion of the Bouncy Castle Inc. | BC Java | 中危 | - | 2025-08-12 09:13:43 | Deep Dive |
| CVE-2018-5382 | Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions | Legion of the Bouncy Castle | Bouncy Castle | 超危 | - | 2018-04-16 13:00:00 | Deep Dive |
| CVE-2017-13098 | BouncyCastle JCE TLS Bleichenbacher/ROBOT | Legion of the Bouncy Castle | BouncyCastle TLS | 中危 | - | 2017-12-13 01:00:00 | Deep Dive |