vulnerability cases
Discovered Vulnerabilities
A curated list of real vulnerabilities found by RedShift. Each case includes full reproduction steps, root cause analysis, and remediation guidance.
8 total cases0 critical2 high6 medium0 low
vulnerabilityseveritytypecategorydate
CBC/ECB PKCS#7 Padding Validation Timing Oracle
Medium
CWE-208Crypto2026-02-23CBC Encrypt Out-of-Bounds Read/Write on Sub-Block Length
High
CWE-787Crypto2026-02-23Identity Point R Causes Universal Signature Forgery in Ed25519
High
CWE-347Crypto2026-02-23ML-DSA Verify Throws Exception for Wrong-Length Public Keys
Medium
CWE-754Crypto2026-02-23ML-KEM Decapsulate Leaks Re-encryption Randomness via Subarray Buffer
Medium
CWE-200Crypto2026-02-23ML-KEM Encapsulation Key Modulus Check Bypass
Medium
CWE-20Crypto2026-02-23Prototype Pollution Disables Low-S Signature Malleability Protection
Medium
CWE-1321Crypto2026-02-23SLH-DSA Verify Throws Exceptions on Malformed Inputs
Medium
CWE-754Crypto2026-02-23