CWE-1240 — Vulnerability Class 15

15 vulnerabilities classified as CWE-1240. AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Paused
CVE-2025-64647	Multiple Vulnerabilities in IBM Concert Software — Concert	5.9	Medium	2026-03-25
CVE-2026-27017	uTLS has a Chrome Parrot Fingerprint Vulnerability due to GREASE ECH Cipher Suite Mismatch — utls	9.1	-	2026-02-20
CVE-2026-22705	RustCrypto: Signatures has timing side-channel in ML-DSA decomposition — signatures	6.4	Medium	2026-01-10
CVE-2025-14505	Elliptic Cryptanalysis vulnerability when `k` has leading zeros — Elliptic	5.6	Medium	2026-01-08
CVE-2025-53960	Apache StreamPark: Uses the user’s password as the secret key — Apache StreamPark	7.5^AI	High^AI	2025-12-12
CVE-2025-46424	Dell CloudLink 安全漏洞 — CloudLink	6.7	Medium	2025-11-05
CVE-2025-58720	Windows Cryptographic Services Information Disclosure Vulnerability — Windows 10 Version 1809	7.8	High	2025-10-14
CVE-2025-29808	Windows Cryptographic Services Information Disclosure Vulnerability — Windows Server 2022	5.5	Medium	2025-04-08
CVE-2025-29779	Post-Quantum Secure Feldman's Verifiable Secret Sharing has Inadequate Fault Injection Countermeasures in `secure_redundant_execution` — PostQuantum-Feldman-VSS	9.8	-	2025-03-14
CVE-2025-22475	Dell PowerProtect Data Domain 安全漏洞 — PowerProtect DD	3.7	Low	2025-02-04
CVE-2025-24802	Soundness issue with Plonky2 look up tables — plonky2	8.6	High	2025-01-30
CVE-2024-37137	Dell Key Trust Platform 安全漏洞 — CloudLink	3.8	Low	2024-06-28
CVE-2023-51392	Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM — Ember ZNet SDK	6.2	Medium	2024-02-23
CVE-2024-0220	B&R products use insufficient communication encryption — Automation Studio	8.3	High	2024-02-22
CVE-2024-0323	FTP uses unsecure encryption mechanisms — Automation Runtime	9.8	Critical	2024-02-05

Vulnerabilities classified as CWE-1240 represent 15 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.