Known Vulnerabilities for Web Signer by Disig

Listed below are 10 of the newest known vulnerabilities associated with "Web Signer" by "Disig".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-55961 json wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object ... Not Provided 2026-06-25 2026-06-25
CVE-2026-54430 json liboauth2 is vulnerable to Server-Side Request Forgery in oauth2_jose_jwks_aws_alb_resolve() function. The AWS ALB verifier... Not Provided 2026-07-02 2026-07-02
CVE-2026-46354 json Coder allows organizations to provision remote development environments via Terraform. In versions prior tp 2.24.5, 2.29.13, ... Not Provided 2026-07-07 2026-07-08
CVE-2026-33471 json nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum... Not Provided 2026-04-22 2026-04-23
CVE-2026-32605 json nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algori... Not Provided 2026-04-13 2026-04-16
CVE-2026-9058 json Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskIt... Not Provided 2026-05-25 2026-05-26
CVE-2026-8931 json A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3. Not Provided 2026-06-01 2026-06-01
CVE-2026-7511 json PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, ... Not Provided 2026-06-25 2026-06-26
CVE-2026-3336 json Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verifi... Not Provided 2026-03-02 2026-06-30
CVE-2020-1971 json The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as E... Not Provided 2020-12-08 2026-05-29
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report