Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

651 vulnerabilities with CWE-347

CVE-2026-32974 HIGH

OpenClaw < 2026.3.12 - Forged Event Injection via Feishu Webhook Verification Token

CVE-2026-33895 HIGH

Forge has signature forgery in Ed25519 due to missing S > L check

CVE-2026-33894 HIGH

Forge has signature forgery in RSA-PKCS due to ASN.1 extra field

CVE-2026-33487 HIGH

goxmldsig has validateSignature Loop Variable Capture Signature Bypass

CVE-2026-20699 MEDIUM

macOS <14.8.5 - Info Disclosure

CVE-2026-4600 HIGH

jsrsasign <11.1.1 - Improper Verification of Cryptographic Signature

CVE-2026-4115 LOW

PuTTY Ed25519 Signature ecc-ssh.c eddsa_verify signature verification

CVE-2026-4541 LOW

janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification

CVE-2026-4478 HIGH

Yi Technology YI Home Camera HTTP Firmware Update ipc signature verification

CVE-2026-32294 MEDIUM

JetKVM insufficient firmware verification

CVE-2026-3564 CRITICAL

ScreenConnect Instance Level Cryptographic Material Exposure

CVE-2026-4258 HIGH

sjcl - Improper Verification of Cryptographic Signature

CVE-2026-27962 CRITICAL

Authlib JWS JWK Header Injection: Signature Verification Bypass

CVE-2026-3562 HIGH

Philips Hue Bridge - Auth Bypass

CVE-2026-32614 HIGH

Go ShangMi Library <0.41.1 - Infinity-Point Forgery

CVE-2026-21002 MEDIUM

Samsung Galaxy Store <4.6.03.8 - Auth Bypass

CVE-2026-20997 CRITICAL

Samsung Mobile Smart Switch <3.7.69.15 - Auth Bypass

CVE-2026-20989 LOW

Samsung Mobile Devices - Auth Bypass

CVE-2026-28432 HIGH

Misskey <2026.3.1 - Auth Bypass

CVE-2026-3706 LOW

Dropbear <=2025.89 - Improper Signature Verification

CVE-2026-28802 CRITICAL

Authlib 1.6.5-1.6.6 - Auth Bypass

CVE-2026-29000 CRITICAL

pac4j-jwt <4.5.9/5.7.9/6.3.3 - Auth Bypass

CVE-2026-2746 MEDIUM

SEPPmail Secure Email Gateway <15.0.1 - Info Disclosure

CVE-2026-27445 MEDIUM

SEPPmail Secure Email Gateway <15.0.1 - Auth Bypass

CVE-2026-3338 HIGH

AWS-LC <1.69.0 - Auth Bypass

Previous Page 2 of 27 Next

Details

Vulnerabilities 651

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy