CVE-2026-5598
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associat
CVSS
7.5
High
EPSS
0.7%
p49
KEV
—
Exploit Today
15
0-100
Published: Apr 15, 2026 · Last modified: Jul 15, 2026 · CWE-385
0.7%EPSS · 30 days0.7%
2026-06-302026-07-16
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
- github.comhttps://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5
- github.comhttps://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87
- github.comhttps://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:12267
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:12269
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:18054
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:18055
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:18059
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-5598
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2458635
- security.access.redhat.comhttps://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5598.json
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-92316.5 MED80.8%
——24Issue summary: A timing side-channel which could potentially allow remote
recovery of the private key exists in the SM2 algorithm implementation on 64 bit
ARM platforms.
Impact summary: A timing side-channel in SM2 signature computations on 64 bit
ARM platforms could allow recovering the private key by an attacker..
While remote key recovery over a network was not attempted by the reporter,
timing measurements revealed a timing signal which may allow such an attack.
OpenSSL does not directly support certificates with SM2 keys in TLS, and so
this CVE is not relevant in most TLS contexts. However, given that it is
possible to add support for such certificates via a custom provider, coupled
with the fact that in such a custom provider context the private key may be
recoverable via remote timing measurements, we consider this to be a Moderate
severity issue.
The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this
issue, as SM2 is not an approved algorithm.3dCVE-2026-64786.5 MED42.8%
——13Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all supported releases. However, current databases may have MD5-hashed passwords originating in upgrades from PostgreSQL 13 or earlier. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.2dCVE-2025-698934.6 MED15.2%
——5A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant time execution and specific branch patterns for word searching. An attacker with physical access during the initial setup phase can collect a single side-channel trace. By utilizing profiling-based Deep Learning Side-Channel Analysis (DL-SCA), the attacker can recover the mnemonic code and subsequently steal the assets. The issue was patched.12d