Known Vulnerabilities for Web Signer by Disig
Listed below are 10 of the newest known vulnerabilities associated with "Web Signer" by "Disig".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-55961 json | wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object ... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-54430 json | liboauth2 is vulnerable to Server-Side Request Forgery in oauth2_jose_jwks_aws_alb_resolve() function. The AWS ALB verifier... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-46354 json | Coder allows organizations to provision remote development environments via Terraform. In versions prior tp 2.24.5, 2.29.13, ... | Not Provided | 2026-07-07 | 2026-07-08 |
| CVE-2026-33471 json | nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum... | Not Provided | 2026-04-22 | 2026-04-23 |
| CVE-2026-32605 json | nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algori... | Not Provided | 2026-04-13 | 2026-04-16 |
| CVE-2026-9058 json | Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskIt... | Not Provided | 2026-05-25 | 2026-05-26 |
| CVE-2026-8931 json | A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3. | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-7511 json | PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, ... | Not Provided | 2026-06-25 | 2026-06-26 |
| CVE-2026-3336 json | Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verifi... | Not Provided | 2026-03-02 | 2026-06-30 |
| CVE-2020-1971 json | The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as E... | Not Provided | 2020-12-08 | 2026-05-29 |