CWE-347: Improper Verification of Cryptographic Signature
627 active CVEs are classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-347 (page 11 of 13)
- CVE-2025-27773 (HIGH, CVSS 8.6, EG 8.6) 2025-03-11
The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via …
- CVE-2025-27813 (HIGH, CVSS 8.1, EG 8.1) 2025-04-10
MSI Center before 2.0.52.0 has Missing PE Signature Validation.
- CVE-2025-2866 (MEDIUM, CVSS 5.5, EG 9.8) 2025-04-27
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures …
- CVE-2025-29774 (CRITICAL, CVSS 9.3, EG 0.0) 2025-03-14
xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that…
- CVE-2025-29775 (CRITICAL, CVSS 9.3, EG 0.0) 2025-03-14
xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that…
- CVE-2025-29915 (HIGH, CVSS 7.5, EG 7.5) 2025-04-10
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching …
- CVE-2025-30064 (HIGH, CVSS 8.8, EG 0.0) 2025-08-27
An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" param…
- CVE-2025-31335 (MEDIUM, CVSS 4.0, EG 4.0) 2025-03-28
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
- CVE-2025-31489 (HIGH, CVSS 8.7, EG 0.0) 2025-04-03
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload obj…
- CVE-2025-32060 (MEDIUM, CVSS 6.7, EG 6.7) 2026-02-15
The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able to load custom kernel modules to the ke…
- CVE-2025-32977 (CRITICAL, CVSS 9.6, EG 9.6) 2025-06-24
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to upload backup files…
- CVE-2025-33069 (MEDIUM, CVSS 5.1, EG 5.1) 2025-06-10
Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally.
- CVE-2025-33074 (HIGH, CVSS 7.5, EG 7.5) 2025-04-30
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.
- CVE-2025-34324 (HIGH, CVSS 7.8, EG 7.8) 2025-11-18
GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. The manifest contains package URLs and SHA-256 hashes but is not digitally signed, so its authenticity relies solely on the und…
- CVE-2025-34500 (HIGH, CVSS 7.0, EG 0.0) 2025-10-24
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with…
- CVE-2025-34503 (HIGH, CVSS 7.0, EG 0.0) 2025-10-24
Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this…
- CVE-2025-36418 (HIGH, CVSS 7.3, EG 7.3) 2026-01-20
IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper verification of JWT tokens. An attacker may be able to craft or modify a JSON web token in order to impersonate another user or to elevate their pri…
- CVE-2025-3757 (CRITICAL, CVSS 9.8, EG 9.8) 2025-05-13
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification.
- CVE-2025-40758 (HIGH, CVSS 8.7, EG 8.7) 2025-08-14
A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0.3), Mendix SAML (Mendix 10.21 compatible) (All versions < V4.1.2), Mendix SAML (Mendix 9.24 compatible) (All versions < V3.6.21). Affected ve…
- CVE-2025-40934 (CRITICAL, CVSS 9.3, EG 9.3) 2025-11-26
XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted. An attacker can remove the signature from the XML document to make it pass the verification check. XML-Sig is a Perl module to validat…
- CVE-2025-41669 (HIGH, CVSS 8.8, EG 8.8) 2026-05-27
The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Enginee…
- CVE-2025-43023 (CRITICAL, CVSS 9.1, EG 9.1) 2025-07-28
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA).
- CVE-2025-43185 (MEDIUM, CVSS 5.5, EG 5.5) 2025-07-30
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may be able to access protected user data.
- CVE-2025-43390 (MEDIUM, CVSS 5.5, EG 5.5) 2025-11-04
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.
- CVE-2025-43468 (MEDIUM, CVSS 5.5, EG 7.5) 2025-11-04
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user …
- CVE-2025-43521 (MEDIUM, CVSS 5.5, EG 5.5) 2025-12-12
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.
- CVE-2025-43522 (LOW, CVSS 3.3, EG 3.3) 2025-12-12
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data.
- CVE-2025-4371 (MEDIUM, CVSS 6.8, EG 6.8) 2025-08-18
A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.
- CVE-2025-43903 (MEDIUM, CVSS 4.3, EG 4.3) 2025-04-18
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.
- CVE-2025-4658 (CRITICAL, CVSS 9.8, EG 9.8) 2025-05-13
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in Open…
- CVE-2025-46774 (HIGH, CVSS 7.5, EG 7.5) 2025-10-14
An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS installer version 7.4.2 and below, version 7.2.9 and below, 7.0 all versions may allow a local user to escalate their privileges via FortiClie…
- CVE-2025-47827 (MEDIUM, CVSS 4.6, EG 9.0, ⚠ KEV) 2025-06-05
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.
- CVE-2025-47934 (HIGH, CVSS 8.7, EG 0.0) 2025-05-19
OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Starting in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously modified message can be passed to either `openpgp.verify` or `openpgp.decrypt`, causing thes…
- CVE-2025-47949 (HIGH, CVSS 7.5, EG 7.5) 2025-05-19
samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed…
- CVE-2025-52550 (HIGH, CVSS 7.2, EG 7.2) 2025-09-02
E3 Site Supervisor Control (firmware version < 2.31F01) firmware upgrade packages are unsigned. An attacker can forge malicious firmware upgrade packages. An attacker with admin access to the application services can install a malicious fi…
- CVE-2025-52556 (CRITICAL, CVSS 9.3, EG 0.0) 2025-06-21
rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to version 1.0.3, there is a flaw in the timestamp response signature verification logic. In particular, chain verification is perfo…
- CVE-2025-54369 (CRITICAL, CVSS 9.3, EG 0.0) 2025-07-24
Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified wh…
- CVE-2025-54419 (CRITICAL, CVSS 10.0, EG 10.0) 2025-07-28
A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. T…
- CVE-2025-54549 (MEDIUM, CVSS 5.9, EG 5.9) 2025-10-29
Cryptographic validation of upgrade images could be circumvented by dropping a specifically crafted file into the upgrade ISO.
- CVE-2025-54982 (CRITICAL, CVSS 9.6, EG 9.6) 2025-08-05
An improper verification of cryptographic signature in Zscaler's SAML authentication mechanism on the server-side allowed an authentication abuse.
- CVE-2025-55039 (MEDIUM, CVSS 6.5, EG 6.5) 2025-10-15
This issue affects Apache Spark versions before 3.4.4, 3.5.2 and 4.0.0. Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure default network encryption cipher for RPC communication between nodes. When spark.network.cry…
- CVE-2025-55229 (MEDIUM, CVSS 5.3, EG 5.3) 2025-08-21
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.
- CVE-2025-55278 (HIGH, CVSS 8.1, EG 8.1) 2025-11-05
Improper authentication in the API authentication middleware of HCL DevOps Loop allows authentication tokens to be accepted without proper validation of their expiration and cryptographic signature. As a result, an attacker could potentia…
- CVE-2025-55311 (MEDIUM, CVSS 6.5, EG 6.5) 2025-12-11
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript int…
- CVE-2025-57801 (CRITICAL, CVSS 9.1, EG 9.1) 2025-08-22
gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a signature without asserting that 0 ≤ S < order, leading to a signature malleability vulne…
- CVE-2025-58356 (HIGH, CVSS 8.3, EG 0.0) 2025-10-27
Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passhr…
- CVE-2025-59288 (MEDIUM, CVSS 5.3, EG 5.3) 2025-10-14
Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network.
- CVE-2025-59334 (CRITICAL, CVSS 9.6, EG 9.6) 2025-09-16
Linkr is a lightweight file delivery system that downloads files from a webserver. Linkr versions through 2.0.0 do not verify the integrity or authenticity of .linkr manifest files before using their contents, allowing a tampered manifest …
- CVE-2025-59718 (CRITICAL, CVSS 9.8, EG 9.8, ⚠ KEV) 2025-12-09
An improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7…
- CVE-2025-59719 (CRITICAL, CVSS 9.8, EG 9.8) 2025-12-09
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authenticatio…