Cryptolib
This hub aggregates every CVE we track for Cryptolib. Use it to gauge the current risk picture and drill into individual advisories.
other
- CVEs tracked: 27
- Critical: 6
- High: 12
- In CISA KEV: 0
Severity distribution
- HIGH: 12
- CRITICAL: 6
- MEDIUM: 5
- LOW: 4
Monthly trend
[Chart: monthly trend, 2024-07 to 2026-06]
Latest CVEs
The 15 most recently published vulnerabilities affecting Cryptolib.
- CVE-2026-22697: CryptoLib Has Heap Buffer Overflow Vulnerability in KMC Base64 Decode Handling (KMC JSON base64ciphertext/base64cleartext) (7.5)
- CVE-2026-22027: CryptoLib Vulnerable to Heap Buffer Overflow in MariaDB SA Hexstring Conversion (6.0)
- CVE-2026-22026: CryptoLib Unbounded Memory Allocation in KMC HTTP Response Handler Allows Resource Exhaustion (7.5)
- CVE-2026-22025: CryptoLib Memory Leak on HTTP Error Response in KMC Client (3.7)
- CVE-2026-22024: CryptoLib Memory Leak in KMC Encrypt Function Leads to Resource Exhaustion (5.3)
- CVE-2026-22023: CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern (7.5)
- CVE-2026-21900: CryptoLib Has Out-of-Bounds Read in KMC Encrypt Metadata Parsing via Flawed strtok Pattern (5.9)
- CVE-2026-21899: CryptoLib has an out-of-bounds read and crash vulnerability when decoding an empty Base64url string (4.7)
- CVE-2026-21898: CryptoLib Has Out-of-bounds Read in Crypto_AOS_ProcessSecurity (8.2)
- CVE-2026-21897: CryptoLib Has Out-of-Bounds Write in Crypto_Config_Add_Gvcid_Managed_Parameters (7.3)
- CVE-2025-64096: CryptoLib vulnerable to Stack Buffer Overflow in Crypto_Key_Update due to missing TLV length check (8.8)
- CVE-2025-59534: CryptoLib command Injection vulnerability in initialize_kerberos_keytab_file_login() (7.3)
- CVE-2025-54878: Heap Buffer Overflow in NASA CryptoLib 1.4.0 `Crypto_TC_Check_IV_Setup` (8.6)
- CVE-2025-46674: NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle. (3.5)
- CVE-2025-46675: In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking. (3.5)
Product normalization is registry-driven with AI assist and human review.