Poster - CVE CyberSecurity Database News (Page 12)

Nov 21, 2025 Exploit

CVE-2025-11932 - How a Non-Constant Time PSK Binder Leak Can Break Your TLS 1.3 Security

CVE-2025-11932 is a newly disclosed vulnerability affecting certain TLS 1.3 server implementations. The issue? The server used a non-constant time method to verify the

Nov 21, 2025 API Exploit

CVE-2025-11931 - Integer Underflow in XChaCha20-Poly1305 Decrypt Leads to Out-of-Bounds Access

A new vulnerability, CVE-2025-11931, has been discovered in the implementation of XChaCha20-Poly1305 in several open-source cryptographic libraries. This bug specifically affects direct uses of the

Nov 21, 2025

CVE-2025-12888 - Timing Attack Found in X25519 Crypto Implementations on Xtensa-based ESP32 Chips

*Published: July 2024* A serious vulnerability, CVE-2025-12888, has been identified in the way X25519 cryptographic key exchange is implemented on Xtensa-based chips (notably the popular

Nov 21, 2025 Windows

CVE-2025-11933 - How Improper Input Validation in wolfSSL’s TLS 1.3 CKS Extension Can Cause DoS

A new vulnerability, CVE-2025-11933, has been discovered in wolfSSL up to version 5.8.2. This issue affects the popular security library on multiple platforms,

Nov 21, 2025

CVE-2025-11934 - Downgrade Risk in wolfSSL’s TLS 1.3 CertificateVerify Signature Algorithm — Explained

When relying on encrypted connections, most of us trust that a modern library like wolfSSL keeps our data private and secure. But with CVE-2025-11934, a