Threat Feed

Tag

Cryptography

8 briefs
high advisory

Plonky3 Challenger Transcript Malleability and Challenge Entropy Loss

The p3-challenger Rust package is vulnerable to transcript malleability and challenge entropy loss: partial-chunk aliasing, non-injective squeeze, and high-bit truncation allow attackers to craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir.

p3-challenger transcript-malleability challenge-entropy cryptography rust
2r
critical threat

CVE-2026-44662 rust-openssl Heap Buffer Overflow Vulnerability

CVE-2026-44662 is a critical heap buffer overflow vulnerability in rust-openssl during encryption with AES key-wrap-with-padding, potentially leading to arbitrary code execution or denial of service.

heap-overflow rust-openssl cryptography
2r 1t 1c
medium advisory

Zebra Node Denial-of-Service Vulnerability via Crafted Orchard Transactions (CVE-2026-41584)

A crafted Orchard transaction with a zero-value rk field can cause a Zebra node to crash due to a panic in the orchard crate, leading to a denial-of-service condition; this vulnerability is identified as CVE-2026-41584 and patched in zebrad version 4.3.1 and zebra-chain version 6.0.2.

zebra-chain +1 denial-of-service zcash cryptography
1r 1t 1c
critical advisory

CVE-2026-1005 Integer Underflow in AES-GCM/CCM/ARIA-GCM Decryption

CVE-2026-1005 is an integer underflow vulnerability in a Microsoft product that leads to out-of-bounds memory access during AES-GCM/CCM/ARIA-GCM decryption processes, potentially allowing for code execution or information disclosure.

cve cryptography memory corruption aes-gcm
2r 1t 1c
high advisory

phpseclib Library Vulnerable to Prime Number Generation Weakness

The phpseclib library has a vulnerability affecting prime number generation and primality testing, impacting versions >= 0.1.1 and < 1.0.23, >= 2.0.0 and < 2.0.47, and >= 3.0.0 and < 3.0.36, potentially leading to insecure cryptographic operations.

phpseclib/phpseclib cryptography vulnerability phpseclib prime_number
2r 1t
high advisory

Suspicious PowerShell Script Using Cryptography Namespace

The analytic detects suspicious PowerShell script execution involving the cryptography namespace (excluding SHA and MD5) via EventCode 4104, often associated with malware that decrypts or decodes additional malicious payloads leading to further code execution, privilege escalation, or persistence.

Splunk Enterprise +2 powershell cryptography malware asyncrat xworm vip keylogger
2r 1t
high advisory

Heap/Stack Overflow in rust-openssl with OpenSSL 1.1.x

The rust-openssl crate's `Deriver::derive` and `PkeyCtxRef::derive` functions can cause heap/stack overflows when used with OpenSSL 1.1.x due to insufficient buffer length validation in X25519, X448, DH, and HKDF-extract, affecting rust-openssl versions >= 0.9.27 and < 0.10.78.

openssl buffer-overflow rust cryptography
2r
high advisory

CVE-2018-0735 ECDSA Signature Generation Timing Attack

CVE-2018-0735 is a timing attack vulnerability in ECDSA signature generation affecting Microsoft products, potentially allowing attackers to recover private keys.

ecdsa timing-attack cryptography
2r 1t 1c