Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-326

CWE-326

Inadequate Encryption Strength

Parent: CWE-693 - Protection Mechanism Failure

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

448 vulnerabilities with CWE-326

CVE-2026-41860 HIGH

Cloud Foundry Foundation Bosh < 282.1.9 - Inadequate Encryption Strength

CVE-2026-8878 HIGH

Securly Chrome Extension < 3.0.7 - Unauthenticated Sensitive Data Exposure via Public Endpoints

CVE-2026-45787 CRITICAL

electerm's encrypt method not safe enough

CVE-2026-44523 CRITICAL

Note Mark: JWT Secret Weakness allows Full Account Takeover via token forgery

CVE-2026-44351 CRITICAL

fast-jwt: Empty HMAC secret accepted via async key resolver - JWT auth bypass

CVE-2026-33361 HIGH

Meari weak XOR obfuscation

CVE-2026-5363 HIGH

Use of weak cryptographic key in TP-Link Archer C7

CVE-2026-5889 MEDIUM

Google Chrome <147.0.7727.55 - Info Disclosure

CVE-2026-39349 LOW

OrangeHRM Uses AES-ECB for Sensitive Data Encryption Enables Pattern Disclosure

CVE-2026-28377 HIGH

S3 SSE-C Encryption Key Exposed in Plaintext via Config Endpoint (CVE-2025-41118 Pattern)

CVE-2026-33512 HIGH

WWBN AVideo <=26.0 - Info Disclosure

CVE-2026-33488 HIGH

AVideo <=26.0 LoginControl PGP - Two-Factor Authentication Bypass

CVE-2026-0510 LOW

NetWeaver Application Server for Java - Info Disclosure

CVE-2025-1241 MEDIUM

Encryption vulnerable to brute-force decryption in GoAnywhere MFT

CVE-2025-36379 MEDIUM

IBM Security QRadar EDR 3.12-3.12.23 - Info Disclosure

CVE-2025-68703 HIGH

Jervis < 2.2 - Inadequate Encryption Strength via Predictable Salt Derivation

CVE-2025-65295 HIGH

Aqara Hub <4.1.9_0027-4.3.6_0025 - RCE

CVE-2025-41743 MEDIUM

Sprecher Automation - Info Disclosure

CVE-2025-11935 HIGH

wolfssl 5.8.2-5.8.3 - Inadequate Encryption Strength via TLS 1.3 PSK Without PFS

CVE-2025-12439 MEDIUM

Google Chrome < 142.0.7444.59 - Inadequate Encryption Strength in App-Bound Encryption

CVE-2025-12478 CRITICAL

BLU-IC2 and BLU-IC4 Firmware < 1.20 - Inadequate Encryption Strength

CVE-2025-55039 MEDIUM

Apache Spark <4.0.0-3.5.2-3.4.4 - Info Disclosure

CVE-2025-55248 MEDIUM

.NET Framework - Inadequate Encryption Strength

CVE-2025-39889 HIGH

Linux Kernel - Inadequate Encryption Key Size Validation in Bluetooth L2CAP

CVE-2025-46409 HIGH

SS1 <16.0.0.10 - Info Disclosure

Page 1 of 18 Next

Details

Vulnerabilities 448

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy