CWE-1240: CWE-1240

Total CVEs

Critical

High

7.2

Avg CVSS

Yearly Trend

2026

2025

2024

Top Affected Vendors

1 Microsoft 1

2 Dell 1

3 Apache 1

4 Br Automation 1

5 Refraction Networking 1

All CWE-1240 CVEs (7)

CVE-2024-0323

9.8

The B&R Automation Runtime FTP server supports outdated encryption protocols (SSLv3, TLSv1.0, TLS1.1) that are vulnerable to cryptographic attacks. A ...

Feb 5, 2024

CVE-2025-24802

8.6

This vulnerability in Plonky2 allows a malicious prover to falsely prove that f(0)=0 for any lookup table f when the table length isn't divisible by 2...

Jan 30, 2025

CVE-2025-58720

7.8

This vulnerability in Windows Cryptographic Services involves a risky implementation of a cryptographic primitive that allows an authenticated attacke...

Oct 14, 2025

CVE-2025-46424

6.7

Dell CloudLink versions before 8.2 contain a cryptographic implementation vulnerability that allows high-privileged attackers to cause denial of servi...

Nov 5, 2025

CVE-2026-22705

6.4

A timing side-channel vulnerability in RustCrypto's Signatures library allows attackers to potentially extract private key information during ML-DSA s...

Jan 10, 2026

CVE-2025-53960

5.9

Apache StreamPark versions 2.0.0 through 2.1.6 use user passwords as JWT signing keys, allowing attackers who capture tokens to brute-force passwords ...

Dec 12, 2025

CVE-2026-27017

5.3

This vulnerability in uTLS creates a fingerprint mismatch with Chrome when using GREASE ECH, potentially allowing network observers to detect and fing...

Feb 20, 2026

About CWE-1240 (CWE-1240)

Our database tracks 7 CVEs classified as CWE-1240, with 1 rated critical and 2 rated high severity. The average CVSS score for CWE-1240 vulnerabilities is 7.2.

External reference: View CWE-1240 on MITRE CWE →

Monitor CWE-1240 Vulnerabilities

Get alerted when new CWE-1240 CVEs affect your infrastructure.

Start Monitoring Free