{"id":"CVE-2025-46674","details":"NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.","modified":"2026-04-10T05:28:29.559878Z","published":"2025-04-27T01:15:44.623Z","references":[{"type":"WEB","url":"https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2"},{"type":"FIX","url":"https://github.com/nasa/CryptoLib/pull/365"},{"type":"EVIDENCE","url":"https://securitybynature.fr/post/hacking-cryptolib/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nasa/cryptolib","events":[{"introduced":"0"},{"fixed":"c9b7265696bb8bffc2828d22adc5a34db10f3850"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.3.2"}]}}],"versions":["v1.0.3","v1.1.0","v1.1.1","v1.2.0","v1.2.1","v1.2.2","v1.2.3","v1.3.0","v1.3.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46674.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}