CWE-347— Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.— MITRE CWE catalog
681 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-347page 12 of 14
- CVE-2025-59334CRITICALCVSS 9.6EG 9.62025-09-16
Linkr is a lightweight file delivery system that downloads files from a webserver. Linkr versions through 2.0.0 do not verify the integrity or authenticity of .linkr manifest files before using their contents, allowing a tampered manifest …
- CVE-2025-59718CRITICALCVSS 9.8EG 9.8⚠ KEV2025-12-09
A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7…
- CVE-2025-59719CRITICALCVSS 9.8EG 9.82025-12-09
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authenticatio…
- CVE-2025-59803MEDIUMCVSS 5.3EG 5.32025-12-11
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content…
- CVE-2025-59934CRITICALCVSS 9.4EG 9.42025-09-26
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying th…
- CVE-2025-6198HIGHCVSS 7.2EG 6.42025-09-19
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image.
- CVE-2025-64186MEDIUMCVSS 6.5EG 8.72025-11-12
Evervault is a payment security solution. A vulnerability was identified in the `evervault-go` SDK’s attestation verification logic in versions of `evervault-go` prior to 1.3.2 that may allow incomplete documents to pass validation. This…
- CVE-2025-64456HIGHCVSS 7.8EG 8.42025-11-10
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
- CVE-2025-64740HIGHCVSS 7.8EG 7.52025-11-13
Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
- CVE-2025-64786LOWCVSS 3.3EG 3.32025-12-09
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An a…
- CVE-2025-64787LOWCVSS 3.3EG 3.32025-12-09
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An a…
- CVE-2025-65295HIGHCVSS 8.1EG 8.12025-12-10
Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 devices, allow attackers to install malicious firmware without proper verification. The device fails to…
- CVE-2025-65945HIGHCVSS 7.5EG 7.52025-12-04
auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature verification vulnerability when using the HS256 algorithm under specific condition…
- CVE-2025-66567CRITICALCVSS 9.1EG 9.12025-12-09
The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri…
- CVE-2025-66568CRITICALCVSS 9.1EG 9.12025-12-09
The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformati…
- CVE-2025-67903MEDIUMCVSS 5.3EG 5.32026-05-27
Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass.
- CVE-2025-68113MEDIUMCVSS 6.5EG 6.52025-12-16
ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind c…
- CVE-2025-68925MEDIUMCVSS 5.3EG 5.32026-01-13
Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the code doesn't validate that the JWT header specifies "alg":"RS256". This vulnerability is fixed in 2.2.
- CVE-2025-68972MEDIUMCVSS 5.9EG 5.92025-12-27
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified messag…
- CVE-2025-7937HIGHCVSS 7.2EG 6.62025-09-19
There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW . An attacker can update the system firmware with a specially crafted image.
- CVE-2025-8454CRITICALCVSS 9.8EG 9.82025-08-01
It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the up…
- CVE-2025-9485CRITICALCVSS 9.8EG 9.82025-10-04
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 6.26.12. This is due to the plugin performing unsafe JWT token process…
- CVE-2026-0234CRITICALCVSS 9.1EG 7.22026-04-13
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources.
- CVE-2026-0265HIGHCVSS 7.2EG 7.22026-05-13
An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is hig…
- CVE-2026-0750HIGHCVSS 7.5EG 7.52026-01-28
Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5.
- CVE-2026-10795HIGHCVSS 8.1EG 8.12026-06-11
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlus_Remote_Communications_V2::wp_loaded function. This is due to insuffi…
- CVE-2026-11348HIGHCVSS 8.1EG 8.12026-07-07
Improper verification of cryptographic signature vulnerability in HAVELSAN Inc. Liman MYS allows Fake the Source of Data. This issue affects Liman MYS: before release.Master.1107.
- CVE-2026-11800HIGHCVSS 8.1EG 8.12026-06-25
A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client credentials to bypass signature verification. By forging an assertion, the attacker can creat…
- CVE-2026-1190LOWCVSS 3.1EG 3.12026-01-26
A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it fails to validate the `NotOnOrAfter` timestamp within the `SubjectConfirmationDat…
- CVE-2026-1237LOWCVSS 2.1EG 2.12026-01-28
Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju contro…
- CVE-2026-13722HIGHCVSS 8.6EG 8.62026-07-03
WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image.This vulnerabili…
- CVE-2026-13743LOWCVSS 3.3EG 3.32026-07-02
CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary mal…
- CVE-2026-1529HIGHCVSS 8.1EG 8.12026-02-09
A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verificati…
- CVE-2026-1568CRITICALCVSS 9.6EG 9.62026-02-03
Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Consumer Service (ACS) cloud endpoint that could allow an attacker to gain unauthorized access to InsightVM accounts setup via "Security Cons…
- CVE-2026-20965HIGHCVSS 7.5EG 7.52026-01-13
Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.
- CVE-2026-21002MEDIUMCVSS 5.5EG 5.52026-03-16
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application.
- CVE-2026-22696CRITICALCVSS 9.3EG 9.32026-01-26
dcap-qvl implements the quote verification logic for DCAP (Data Center Attestation Primitives). A vulnerability present in versions prior to 0.3.9 involves a critical gap in the cryptographic verification process within the dcap-qvl. The l…
- CVE-2026-22817HIGHCVSS 8.2EG 8.22026-01-13
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.11.4, there is a flaw in Hono’s JWK/JWKS JWT verification middleware allowed the JWT header’s alg value to influence signature verificatio…
- CVE-2026-22818HIGHCVSS 8.2EG 8.22026-01-13
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.11.4, there is a flaw in Hono’s JWK/JWKS JWT verification middleware allowed the algorithm specified in the JWT header to influence signatur…
- CVE-2026-23518CRITICALCVSS 9.8EG 9.82026-01-21
Fleet is open source device management software. In versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, a vulnerability in Fleet's Windows MDM enrollment flow could allow an attacker to submit forged authentication tokens that ar…
- CVE-2026-23687HIGHCVSS 8.8EG 8.82026-02-10
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampe…
- CVE-2026-23965HIGHCVSS 7.5EG 7.52026-01-22
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default co…
- CVE-2026-23967HIGHCVSS 7.5EG 7.52026-01-22
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14…
- CVE-2026-23992MEDIUMCVSS 5.9EG 5.92026-01-22
go-tuf is a Go implementation of The Update Framework (TUF). Starting in version 2.0.0 and prior to version 2.3.1, a compromised or misconfigured TUF repository can have the configured value of signature thresholds set to 0, which effectiv…
- CVE-2026-24032HIGHCVSS 7.3EG 7.32026-04-14
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3 with UMC). The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an un…
- CVE-2026-24807MEDIUMCVSS 5.3EG 5.32026-01-27
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules). This vulnerability is associated with program file…
- CVE-2026-24850MEDIUMCVSS 5.3EG 5.32026-01-28
The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard (ML-DSA). Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto `ml-ds…
- CVE-2026-25793HIGHCVSS 8.1EG 8.12026-02-06
Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates (which is not the default configuration), it is possible to evade a blocklist entry created against the fingerprint of a certifica…
- CVE-2026-25922HIGHCVSS 8.8EG 8.82026-02-12
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, o…
- CVE-2026-2625MEDIUMCVSS 4.0EG 4.02026-04-03
A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager (RPM) file. During the RPM signature verification process, this crafted file can trigger an error in …
Map vulnerabilities like CWE-347 to your infrastructure
EchelonGraph correlates every CVE — across CWE-347 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →