Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2026-33117 CRITICAL

Azure SDK for Java Security Feature Bypass Vulnerability

CVE-2026-41431 HIGH

Zen Browser MAR updater ships with signature verification removed — unsigned updates accepted

CVE-2026-42193 CRITICAL

Plunk: SNS webhook forgery

CVE-2026-44497 CRITICAL

ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling due to Stale Buffer

CVE-2026-42501 HIGH

Malicious module proxy can bypass checksum database in cmd/go

CVE-2026-41669 HIGH

Admidio: SAML Signature Validation Result Ignored — Forged AuthnRequests and LogoutRequests Processed

CVE-2026-7689 LOW

Dolibarr ERP CRM Online Signature security.lib.php dol_verifyHash signature verification

CVE-2026-33467 MEDIUM

Improper Verification of Cryptographic Signature in Elastic Package Registry Leading to Package Integrity Bypass

CVE-2026-38651 HIGH

Netmaker < 1.5.0 - Authentication Bypass via JWT Signature Verification Failure

CVE-2026-6986 LOW

Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification

CVE-2026-6966 MEDIUM

Signature Threshold Bypass in awslabs/tough Delegated Roles

CVE-2026-6911 CRITICAL

Authentication Bypass via Missing JWT Signature Verification in AWS Ops Wheel

CVE-2026-34068 MEDIUM

nimiq-transaction: UpdateValidator transactions allows voting key change without proof-of-knowledge

CVE-2026-40372 CRITICAL

ASP.NET Core Elevation of Privilege Vulnerability

CVE-2026-41301 MEDIUM

OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairing State Creation via Signature Verification Bypass

CVE-2026-5050 HIGH

Payment Gateway for Redsys & WooCommerce Lite <= 7.0.0 - Improper Verification of Cryptographic Signature to Unauthenticated Payment Status Manipulation

CVE-2026-6328 HIGH

XQUIC Improper STREAM Frame Validation in Initial/Handshake Packets

CVE-2026-24032 HIGH

Siemens SINEC NMS <V4.0 SP3 - Auth Bypass

CVE-2026-0234 HIGH

Cortex XSOAR: Improper Verification of Cryptographic Signature in Microsoft Teams integration

CVE-2026-5466 HIGH

wc_VerifyEccsiHash missing sanity check

CVE-2026-40070 HIGH

bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)

CVE-2026-39413 MEDIUM

LightRAG <1.4.14 API - JWT Algorithm Confusion

CVE-2026-2625 MEDIUM

Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification

CVE-2026-34840 HIGH

OneUptime SSO: Multi-Assertion Identity Injection via Decoupled Signature Verification

CVE-2026-33746 CRITICAL

Convoy: JWT Signature Verification Bypass Allows Authentication as Arbitrary Users

Previous Page 2 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy