What is GHSA-mx76-r943-rf8g?

GHSA-mx76-r943-rf8g is a security advisory published by GitHub Security Advisories with Medium severity. Bouncy Castle has a vulnerability in program files gcm128w, gcm512w

Which CVE IDs does GHSA-mx76-r943-rf8g cover?

GHSA-mx76-r943-rf8g covers the following CVE IDs: CVE-2026-8149. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

Which products are affected by GHSA-mx76-r943-rf8g?

GHSA-mx76-r943-rf8g affects 1 product, including: maven/org.bouncycastle:bc-fips:\u003e= 2.1.0, \u003c= 2.1.2.

GHSA-mx76-r943-rf8gMedium

Bouncy Castle has a vulnerability in program files gcm128w, gcm512w

Vendor

GitHub Security Advisories

Published

May 8, 2026

Last Modified

May 19, 2026

🔗 CVE IDs covered (1)

CVE-2026-8149 →

📋 Description

A vulnerability in Legion of the Bouncy Castle Inc. BC-FJA BC-FIPS on Linux, X86_64, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-FJA: from 2.1.0 through 2.1.2.

🎯 Affected products1

maven/org.bouncycastle:bc-fips:>= 2.1.0, <= 2.1.2

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-8149
https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%908149
https://github.com/advisories/GHSA-mx76-r943-rf8g