Browse all 5 CVE security advisories affecting open-quantum-safe. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Open-quantum-safe focuses on developing cryptographic solutions resistant to quantum computing threats, primarily serving as a framework for transitioning to post-quantum cryptography in critical infrastructure. Historically, it has been associated with vulnerabilities like buffer overflows and implementation flaws that could lead to remote code execution or information disclosure. While currently limited to five CVEs, the project's security characteristics emphasize cryptographic agility and standardization efforts. No major security incidents have been reported to date, but the nascent nature of quantum-resistant cryptography means ongoing scrutiny of implementations remains essential as threat landscapes evolve.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52473 | liboqs secret-dependent branching in HQC reference implementation when compiled with Clang 17-20 — liboqsCWE-200 | 5.9 | Medium | 2025-07-10 |
| CVE-2025-48946 | liboqs affected by theoretical design flaw in HQC — liboqsCWE-327 | 3.7 | Low | 2025-05-30 |
| CVE-2024-54137 | liboqs has a correctness error in HQC decapsulation — liboqsCWE-200 | 7.4 | High | 2024-12-06 |
| CVE-2024-37305 | Buffer overflow in deserialization in oqs-provider — oqs-providerCWE-120 | 8.2 | High | 2024-06-17 |
| CVE-2024-36405 | Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options — liboqsCWE-208 | 5.9 | Medium | 2024-06-10 |
This page lists every published CVE security advisory associated with open-quantum-safe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.