Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-327 (使用已被攻破或存在风险的密码学算法) — Vulnerability Class 254

254 vulnerabilities classified as CWE-327 (使用已被攻破或存在风险的密码学算法). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-32959 Silex SD-330AC和Silex AMC Manager 安全漏洞 — SD-330AC 5.9 Medium2026-04-20
CVE-2026-5588 PKIX draft CompositeVerifier accepts empty signature sequence as valid. — BC-JAVA 9.1 -2026-04-15
CVE-2025-14813 GOSTCTR implementation unable to process more than 255 blocks correctly — BC-JAVA 7.5 -2026-04-15
CVE-2025-14859 Semtech LR11xx Secure Boot Bypass — LR1110 4.2AIMediumAI2026-04-07
CVE-2026-5682 Meesho Online Shopping App com.meesho.supply endpoint risky encryption — Online Shopping App 3.7 Low2026-04-06
CVE-2026-34950 fast-jwt has an incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key — fast-jwt 9.1 Critical2026-04-06
CVE-2025-13916 Multiple vulnerabilities have been addressed in IBM Aspera Shares — Aspera Shares 5.9 Medium2026-04-01
CVE-2019-25651 Ubiquiti UniFi Devices Use of AES-CBC Allows Key Recovery and Unauthorized Device Control — UniFi Network Controller 8.3 High2026-03-27
CVE-2026-28252 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge — Tracer SC 9.8AICriticalAI2026-03-12
CVE-2025-41711 Use of a Broken or Risky Cryptographic Algorithm for firmware images of power analyzer — UMG 96RM-E 24V(5222063) 5.3 Medium2026-03-10
CVE-2026-28479 OpenClaw < 2026.2.15 - Cache Poisoning via Deprecated SHA-1 Hash in Sandbox Configuration — OpenClaw 7.5 High2026-03-05
CVE-2026-30791 RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation — RustDesk Client 9.8 -2026-03-05
CVE-2026-3598 RustDesk Server Generates Config Strings Using Reversible Encoding (Base64 + Reverse) Instead of Encryption — RustDesk Server Pro 7.5 -2026-03-05
CVE-2025-14456 IBM MQ Appliance uses weaker than expected cryptographic algorithms — MQ Appliance 6.5AIMediumAI2026-03-03
CVE-2025-14480 IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms — Aspera faspio Gateway 5.1 Medium2026-03-03
CVE-2026-1627 SICK LMS1000和SICK MRS1000 安全漏洞 — SICK LMS1000 6.5 Medium2026-02-27
CVE-2026-1626 SICK LMS1000和SICK MRS1000 安全漏洞 — SICK LMS1000 6.5 Medium2026-02-27
CVE-2026-21718 Copeland XWEB and XWEB Pro Use of a Broken or Risky Cryptographic Algorithm — Copeland XWEB 300D PRO 10.0 Critical2026-02-27
CVE-2026-27804 Parse Server: Account takeover via JWT algorithm confusion in Google auth adapter — parse-server 9.8AICriticalAI2026-02-25
CVE-2024-43178 Multiple Vulnerabilities in IBM Concert Software. — Concert 5.9 Medium2026-02-17
CVE-2026-2618 Beetel 777VR1 SSH Service risky encryption — 777VR1 3.7 Low2026-02-17
CVE-2026-26219 newbee-mall Unsalted MD5 Password Hashing Enables Offline Credential Cracking — newbee-mall 9.1 Critical2026-02-12
CVE-2025-66597 Yokogawa FAST/TOOLS 安全漏洞 — FAST/TOOLS 7.5AIHighAI2026-02-09
CVE-2025-66598 Yokogawa FAST/TOOLS 安全漏洞 — FAST/TOOLS 7.5AIHighAI2026-02-09
CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519 — parsec-cloud 8.3 High2026-01-29
CVE-2026-24785 Clatter has a PSK Validity Rule Violation issue — clatter 9.1AICriticalAI2026-01-27
CVE-2026-22585 Salesforce Marketing Cloud Engagement 安全漏洞 — Marketing Cloud Engagement 5.3 -2026-01-24
CVE-2025-58743 Insecure Encryption Algorithms Enable Brute-Force Database Credential Access in Milner ImageDirector Capture — ImageDirector Capture 8.4AIHighAI2026-01-20
CVE-2026-21907 Junos Space: TLS/SSL server supports use of static key ciphers (ssl-static-key-ciphers) — Junos Space 5.9 Medium2026-01-15
CVE-2025-68702 Jervis has a SHA-256 Hex String Padding Bug — jervis 8.1AIHighAI2026-01-13

Vulnerabilities classified as CWE-327 (使用已被攻破或存在风险的密码学算法) represent 254 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.