Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2026-28432 HIGH

Misskey < 2026.3.1 - HTTP Signature Verification Bypass

CVE-2026-3706 LOW

Dropbear <=2025.89 - Improper Signature Verification

CVE-2026-28802 CRITICAL

Authlib 1.6.5-1.6.6 - Improper Verification of Cryptographic Signature

CVE-2026-29000 CRITICAL

pac4j-jwt <4.5.9/5.7.9/6.3.3 - Auth Bypass

CVE-2026-2746 MEDIUM

SEPPmail Secure Email Gateway <15.0.1 - Info Disclosure

CVE-2026-27445 MEDIUM

SEPPmail Secure Email Gateway <15.0.1 - Auth Bypass

CVE-2026-3338 HIGH

AWS-LC < 1.69.0 - Improper Verification of Cryptographic Signature in PKCS7_verify()

CVE-2026-22866 HIGH

Ethereum Name Service (ENS) <=1.6.2 - Auth Bypass

CVE-2026-2968 LOW

Cesanta Mongoose <=7.20 - Auth Bypass

CVE-2026-25922 HIGH

authentik <2025.8.6, 2025.10.4, 2025.12.4 - SSRF

CVE-2026-23687 HIGH

SAP NetWeaver Application Server ABAP/ABAP Platform - Privilege Esc...

CVE-2026-1529 HIGH

Keycloak 26.5.0-26.5.2 - Unauthenticated Organization Access via JWT Invitation Token Tampering

CVE-2026-25793 HIGH

Nebula 1.7.0-1.10.2 - Blocklist Bypass via ECDSA Signature Malleability

CVE-2026-1568 CRITICAL

Rapid7 InsightVM <8.34.0 - Privilege Escalation

CVE-2026-0750 HIGH

Drupal Commerce Paybox 7.x-1.0-7.x-1.5 - Authentication Bypass via Improper Cryptographic Signature Verification

CVE-2026-1237 LOW

juju - Improper Verification of Cryptographic Signature in Cross-Model Authorization

CVE-2026-24850 MEDIUM

ml-dsa 0.0.4-0.1.0-rc.3 - Improper Verification of Cryptographic Signature via Duplicate Hint Indices

CVE-2026-24807 MEDIUM

liuyueyi quick-media < v1.0 - Improper Verification of Cryptographic Signature in SeekableOutputStream

CVE-2026-22696 CRITICAL

dcap-qvl < 0.3.9 - Improper Certificate Validation in QE Identity Collateral

CVE-2026-23992 MEDIUM

go-tuf 2.0.0-2.3.0 - Improper Verification of Cryptographic Signature

CVE-2026-23967 HIGH

sm-crypto <0.3.14 - Signature Malleability

CVE-2026-23965 HIGH

sm-crypto <0.4.0 - Signature Forgery

CVE-2026-23518 CRITICAL

Fleet < 4.78.3, < 4.77.1, < 4.76.2, < 4.75.2, < 4.53.3 - Improper JWT Signature Verification in Windows MDM Enrollment

CVE-2026-22818 HIGH

Hono < 4.11.4 - JWT Algorithm Confusion via JWK/JWKS Middleware

CVE-2026-22817 HIGH

Hono < 4.11.4 - JWT Algorithm Confusion via Untrusted Header alg Value

Previous Page 4 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy