Login
Israel-Hamas Conflict
Memorial Day
Harvard
Baseball
Cannes Film Festival
Education
Natural Disasters
NCAA
Social Media
Donald Trump
European Union
Motorsports
Artificial Intelligence
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

OpenPGP Vulnerability CVE-2025-47934 Exposes Users - Cybernoz - Cybersecurity News

Summary by The Cyber Express
A flaw has been discovered in OpenPGP.js, a widely used JavaScript library for OpenPGP encryption. Tracked as CVE-2025-47934, the vulnerability allows threat actors to spoof both signed and encrypted messages, effectively undermining the very foundation of trust in public key cryptography.  The vulnerability, rated 8.7 (High) on the CVSS scale, was discovered by security researchers Edoardo Geraci and Thomas Rinsma of Codean Labs. Their findings…
DisclaimerThis story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

3 Articles

All
Left
Center
Right
cybernoz.comcybernoz.com

OpenPGP Vulnerability CVE-2025-47934 Exposes Users - Cybernoz - Cybersecurity News

A flaw has been discovered in OpenPGP.js, a widely used JavaScript library for OpenPGP encryption. Tracked as CVE-2025-47934, the vulnerability allows threat actors to spoof both signed and encrypted messages, effectively undermining the very foundation of trust in public key cryptography.  The vulnerability, rated 8.7 (High) on the CVSS scale, was discovered by security researchers Edoardo Geraci and Thomas Rinsma of Codean Labs. Their findings…

Read Full Article
The Cyber ExpressThe Cyber Express

OpenPGP Vulnerability CVE-2025-47934 Exposes Users

A flaw has been discovered in OpenPGP.js, a widely used JavaScript library for OpenPGP encryption. Tracked as CVE-2025-47934, the vulnerability allows threat actors to spoof both signed and encrypted messages, effectively undermining the very foundation of trust in public key cryptography.  The vulnerability, rated 8.7 (High) on the CVSS scale, was discovered by security researchers Edoardo Geraci and Thomas Rinsma of Codean Labs. Their findings…

Read Full Article
Linux-MagazinLinux-Magazin

Fake Signatures: OpenPGP.js Needs Patches

OpenPGP.js, a Javascript implementation of OpenPGP, can be fooled when checking message signatures. Patches fix the serious security vulnerability. A maliciously modified message can either be passed to openpgp.verify or openpgp.decrypt, which means that these functions return a valid signature check result, although the data was not actually signed, says in a security message to the vulnerability (

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • There is no tracked Bias information for the sources covering this story.
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Linux-Magazin broke the news in on Thursday, May 22, 2025.
Sources are mostly out of (0)

Similar News Topics

News
For You
SearchBlindspotLocal