| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2023-49316 |
high |
— |
8.0 |
19d ago |
Phpseclib needs guardrails on large binaryfield integers |
|
| CVE-2024-27355 |
high |
— |
8.0 |
20d ago |
phpseclib guardrails needed on OID length |
|
| CVE-2024-27354 |
high |
— |
8.0 |
22d ago |
phpseclib: guardrails needed on isPrime and randomPrime |
|
| CVE-2026-44167 |
high |
7.5 |
7.5 |
22d ago |
phpseclib has a CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID() |
|
| CVE-2026-32935 |
medium |
5.9 |
5.9 |
2mo ago |
phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack |
|
| CVE-2026-40194 |
low |
3.7 |
3.7 |
2mo ago |
phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals() |
|