CWE-325: CWE-325
Yearly Trend
Top Affected Vendors
All CWE-325 CVEs (8)
Deno's node:crypto module before version 2.6.0 fails to properly finalize cipher operations, allowing attackers to perform infinite encryption attempt...
Jan 15, 2026This vulnerability in Windows Kerberos allows attackers to bypass cryptographic validation steps, enabling privilege escalation over network connectio...
Nov 11, 2025This vulnerability allows an unauthenticated remote attacker in a man-in-the-middle position to decrypt, read, modify, and re-encrypt data transmitted...
May 3, 2022This vulnerability allows an unauthenticated remote attacker to impersonate a legitimate Cisco Touch 10 device during the pairing process, enabling un...
Nov 15, 2024This vulnerability allows attackers to derive the encryption key used during Bluetooth pairing by exploiting insufficient validation of elliptic curve...
Aug 7, 2018This vulnerability in MbedTLS allows attackers to forge LMS signatures when using hardware-accelerated hashing. An attacker who can induce faults in h...
Jul 4, 2025CVE-2025-59339 is a vulnerability in The Bastion's session recording encryption script that fails to sign encrypted SSH session files when configured ...
Sep 17, 2025This vulnerability in OpenSSL's low-level OCB API exposes the last 1-15 bytes of a message in cleartext and unauthenticated when using hardware-accele...
Jan 27, 2026About CWE-325 (CWE-325)
Our database tracks 8 CVEs classified as CWE-325, with 0 rated critical and 3 rated high severity. The average CVSS score for CWE-325 vulnerabilities is 6.2.
External reference: View CWE-325 on MITRE CWE →
Monitor CWE-325 Vulnerabilities
Get alerted when new CWE-325 CVEs affect your infrastructure.
Start Monitoring Free