Cyber Resilience

CVE-2026-50721

High

Published: 02 July 2026

Published
02 July 2026
Modified
02 July 2026
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score N/A
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-50721 is a high-severity Improper Verification of Cryptographic Signature (CWE-347) vulnerability in Libreswan (inferred from references). Its CVSS base score is 8.1 (High).

Operationally, it is not currently listed in the CISA KEV catalog.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a…

more

variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Libreswan
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-347

Requires verification of digital signatures using organization-approved certificates before installation, directly preventing improper verification of cryptographic signatures.

addresses: CWE-347

Component authenticity commonly depends on cryptographic signatures; the control enforces proper verification of those signatures.

addresses: CWE-347

PKI certificates under an approved policy require cryptographic signature verification on issuance and validation.

addresses: CWE-347

Requires cryptographic signatures on authoritative data and support for verifying the chain of trust.

addresses: CWE-347

Mandates verification of cryptographic signatures (e.g., DNSSEC RRSIG) on resolution responses, addressing missing or bypassed signature checks.

addresses: CWE-347

Integrity tools commonly rely on cryptographic signatures whose improper validation this weakness covers.

addresses: CWE-347

Authenticity validation commonly relies on cryptographic signature or certificate checks that this control enforces.

Hardening callouts derived

Configuration rules from DISA STIG baselines that reduce the attack surface for weaknesses of the type cited by this CVE. Derived transitively via CVE→CWE→STIG over `controls_xwalks` (authoritative rows only).

Oracle Linux 8 (2 rules)
  • V-248574 YUM must be configured to prevent the installation of patches, service packs, device drivers, or OL 8 system components that have not been digitally signed using a certificate that is recognized and approved by the organization. via CWE-347
  • V-248575 OL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-347
Oracle Linux 9 (2 rules)
  • V-271523 OL 9 must check the GPG signature of locally installed software packages before installation. via CWE-347
  • V-271525 OL 9 must have GPG signature verification enabled for all software repositories. via CWE-347
RHEL 7 (2 rules)
  • V-204447 The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-347
  • V-204448 The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-347
RHEL 8 (1 rule)
  • V-230264 RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-347
RHEL 9 (1 rule)
  • V-257822 RHEL 9 must have GPG signature verification enabled for all software repositories. via CWE-347

References