VIR Vulnerability Intelligence Relay

Package impact

php Packagist / phpseclib/phpseclib

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2023-49316 high 8.0 20d ago Phpseclib needs guardrails on large binaryfield integers
CVE-2024-27355 high 8.0 20d ago phpseclib guardrails needed on OID length
CVE-2024-27354 high 8.0 22d ago phpseclib: guardrails needed on isPrime and randomPrime
CVE-2026-44167 high 7.5 7.5 23d ago phpseclib has a CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()
CVE-2026-32935 medium 5.9 5.9 2mo ago phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack
CVE-2026-40194 low 3.7 3.7 2mo ago phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals()