All 4 CVE vulnerabilities found in liboqs, with AI-generated Chinese analysis, references, and POCs.
Vendor: open-quantum-safe
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52473 | liboqs secret-dependent branching in HQC reference implementation when compiled with Clang 17-20 CWE-200 | 5.9 | Medium | 2025-07-10 |
| CVE-2025-48946 | liboqs affected by theoretical design flaw in HQC CWE-327 | 3.7 | Low | 2025-05-30 |
| CVE-2024-54137 | liboqs has a correctness error in HQC decapsulation CWE-200 | 7.4 | High | 2024-12-06 |
| CVE-2024-36405 | Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options CWE-208 | 5.9 | Medium | 2024-06-10 |
All 4 known CVE vulnerabilities affecting liboqs with full Chinese analysis, references, and POCs where available.