CryptoLib — Vulnerabilities & Security Advisories (24)

All 24 CVE vulnerabilities found in CryptoLib, with AI-generated Chinese analysis, references, and POCs.

This page aggregates known security weaknesses for the CryptoLib product, categorized under the vendor CryptoLib and tagged by specific Common Weakness Enumeration classes. It serves as a centralized reference for understanding the historical and current security posture of this cryptographic library without promoting any specific brand or service. The content collected here encompasses a wide range of vulnerability types, including buffer overflows, improper input validation, cryptographic failures, and insecure default configurations. These entries are compiled from various public sources, including vendor security advisories, bug trackers, and independent security research, covering incidents reported over the past five years. By reviewing this aggregation, users can track the vendor’s response to critical issues, observe patterns in how different weakness classes manifest within the codebase, and gain a comprehensive view of the product’s vulnerability history. This approach allows developers and security analysts to identify recurring flaws, assess the effectiveness of past patches, and make informed decisions regarding the adoption or update of CryptoLib. The data is organized to facilitate deep dives into specific weakness categories, enabling a clearer understanding of the underlying technical causes and potential remediation strategies. This resource is intended for educational and analytical purposes, providing a transparent look at the security challenges faced by the product over time.

Vendor: nasa

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-22697 | CryptoLib Has Heap Buffer Overflow Vulnerability in KMC Base64 Decode Handling (KMC JSON base64ciphertext/base64cleartext) | CWE-122 | 7.5 | High | 2026-01-10 |
| CVE-2026-22027 | CryptoLib Vulnerable to Heap Buffer Overflow in MariaDB SA Hexstring Conversion | CWE-122 | 9.8 | - | 2026-01-10 |
| CVE-2026-22026 | CryptoLib Unbounded Memory Allocation in KMC HTTP Response Handler Allows Resource Exhaustion | CWE-789 | 7.5 | - | 2026-01-10 |
| CVE-2026-22025 | CryptoLib Memory Leak on HTTP Error Response in KMC Client | CWE-401 | - | - | 2026-01-10 |
| CVE-2026-22024 | CryptoLib Memory Leak in KMC Encrypt Function Leads to Resource Exhaustion | CWE-401 | 7.5 | - | 2026-01-10 |
| CVE-2026-22023 | CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern | CWE-125 | 9.1 | - | 2026-01-10 |
| CVE-2026-21900 | CryptoLib Has Out-of-Bounds Read in KMC Encrypt Metadata Parsing via Flawed strtok Pattern | CWE-125 | 9.1 | - | 2026-01-10 |
| CVE-2026-21899 | CryptoLib has an out-of-bounds read and crash vulnerability when decoding an empty Base64url string | CWE-125 | 4.7 | Medium | 2026-01-10 |
| CVE-2026-21898 | CryptoLib Has Out-of-bounds Read in Crypto_AOS_ProcessSecurity | CWE-125 | 8.2 | High | 2026-01-10 |
| CVE-2026-21897 | CryptoLib Has Out-of-Bounds Write in Crypto_Config_Add_Gvcid_Managed_Parameters | CWE-787 | 7.3 | High | 2026-01-10 |
| CVE-2025-64096 | CryptoLib vulnerable to Stack Buffer Overflow in Crypto_Key_Update due to missing TLV length check | CWE-121 | 9.8 (AI) | Critical (AI) | 2025-10-30 |
| CVE-2025-59534 | CryptoLib command Injection vulnerability in initialize_kerberos_keytab_file_login() | CWE-78 | 7.3 | High | 2025-09-23 |
| CVE-2025-54878 | Heap Buffer Overflow in NASA CryptoLib 1.4.0 `Crypto_TC_Check_IV_Setup` | CWE-122 | 8.6 | High | 2025-08-11 |
| CVE-2025-46675 | CryptoLib security vulnerability | CWE-913 | 3.5 | Low | 2025-04-27 |
| CVE-2025-46674 | CryptoLib security vulnerability | CWE-489 | 3.5 | Low | 2025-04-27 |
| CVE-2025-46672 | CryptoLib security vulnerability | CWE-252 | 3.5 | Low | 2025-04-27 |
| CVE-2025-46673 | CryptoLib security vulnerability | CWE-913 | 4.9 | Medium | 2025-04-27 |
| CVE-2025-30356 | Heap Buffer Overflow via Incomplete Length Check in `Crypto_TC_ApplySecurity` | CWE-191 | 9.8 (AI) | Critical (AI) | 2025-04-01 |
| CVE-2025-30216 | CryptoLib Has Heap Overflow in Crypto_TM_ProcessSecurity due to Unchecked Secondary Header Length | CWE-122 | 9.4 | Critical | 2025-03-25 |
| CVE-2025-29913 | CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow | CWE-125 | 9.8 | - | 2025-03-17 |
| CVE-2025-29912 | CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity | CWE-122 | 9.8 | - | 2025-03-17 |
| CVE-2025-29911 | CryptoLib Has Heap Buffer Overflow in Crypto_AOS_ProcessSecurity Function | CWE-122 | 9.8 | - | 2025-03-17 |
| CVE-2025-29910 | CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak | CWE-401 | 7.5 | - | 2025-03-17 |
| CVE-2025-29909 | CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability | CWE-191 | 9.8 | - | 2025-03-17 |

All 24 known CVE vulnerabilities affecting CryptoLib with full Chinese analysis, references, and POCs where available.