{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32935", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-17T00:05:53.282Z", "datePublished": "2026-03-20T02:48:59.778Z", "dateUpdated": "2026-03-20T16:32:34.194Z"}, "containers": {"cna": {"title": "phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack", "problemTypes": [{"descriptions": [{"cweId": "CWE-208", "lang": "en", "description": "CWE-208: Observable Timing Discrepancy", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/phpseclib/phpseclib/security/advisories/GHSA-94g3-g5v7-q4jg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/phpseclib/phpseclib/security/advisories/GHSA-94g3-g5v7-q4jg"}, {"name": "https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788", "tags": ["x_refsource_MISC"], "url": "https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788"}], "affected": [{"vendor": "phpseclib", "product": "phpseclib", "versions": [{"version": ">= 3.0.0, < 3.0.50", "status": "affected"}, {"version": ">= 2.0.0, < 2.0.52", "status": "affected"}, {"version": "< 1.0.27", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-20T02:48:59.778Z"}, "descriptions": [{"lang": "en", "value": "phpseclib is a PHP secure communications library. Projects using versions 1.0.26 and below, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50."}], "source": {"advisory": "GHSA-94g3-g5v7-q4jg", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-20T16:31:59.292752Z", "id": "CVE-2026-32935", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T16:32:34.194Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32935", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-20T16:31:59.292752Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T16:32:14.624Z"}}], "cna": {"title": "phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack", "source": {"advisory": "GHSA-94g3-g5v7-q4jg", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "phpseclib", "product": "phpseclib", "versions": [{"status": "affected", "version": ">= 3.0.0, < 3.0.50"}, {"status": "affected", "version": ">= 2.0.0, < 2.0.52"}, {"status": "affected", "version": "< 1.0.27"}]}], "references": [{"url": "https://github.com/phpseclib/phpseclib/security/advisories/GHSA-94g3-g5v7-q4jg", "name": "https://github.com/phpseclib/phpseclib/security/advisories/GHSA-94g3-g5v7-q4jg", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788", "name": "https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "phpseclib is a PHP secure communications library. Projects using versions 1.0.26 and below, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-208", "description": "CWE-208: Observable Timing Discrepancy"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-20T02:48:59.778Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32935", "state": "PUBLISHED", "dateUpdated": "2026-03-20T16:32:34.194Z", "dateReserved": "2026-03-17T00:05:53.282Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-20T02:48:59.778Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:phpseclib:phpseclib:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6E24FA3-3B81-4B9C-8496-F00C05C25B08", "versionEndExcluding": "1.0.27", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpseclib:phpseclib:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF84AA36-8C45-4F14-B352-82B4CA15363B", "versionEndExcluding": "2.0.52", "versionStartIncluding": "2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpseclib:phpseclib:*:*:*:*:*:*:*:*", "matchCriteriaId": "28062965-A785-45DF-9671-2B7795D49250", "versionEndExcluding": "3.0.50", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "phpseclib is a PHP secure communications library. Projects using versions 1.0.26 and below, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50."}, {"lang": "es", "value": "phpseclib es una biblioteca PHP de comunicaciones seguras. Los proyectos que utilizan las versiones 1.0.26 e inferiores, 2.0.0 hasta 2.0.51, y 3.0.0 hasta 3.0.49 son vulnerables a un ataque de temporizaci\u00f3n de or\u00e1culo de relleno al usar AES en modo CBC. Este problema ha sido solucionado en las versiones 1.0.27, 2.0.52 y 3.0.50."}], "id": "CVE-2026-32935", "lastModified": "2026-03-23T19:23:56.903", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-20T03:16:00.763", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/phpseclib/phpseclib/security/advisories/GHSA-94g3-g5v7-q4jg"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-208"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.0.0,3.0.50)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.0.0,2.0.52)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0.27)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "phpseclib", "source": "cna", "vendor": "phpseclib"}, "product": "phpseclib", "vendor": "phpseclib"}], "analysis": {"en": {"generated_at": "2026-03-20T04:50:21.987886+00:00", "value": {"mitigation_remediation": ["Upgrade phpseclib to version 1.0.27 or later, version 2.0.52 or later, or version 3.0.50 or later, ensuring the running branch is not among the vulnerable versions."], "summary": {"action": "Immediate Patch", "impact": "Timing-based Decryption Attack"}, "threat_synthesis": {"affected_systems": "The phpseclib library for PHP is affected. Versions 1.0.26 and earlier, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable. The issue is fixed in 1.0.27, 2.0.52, and 3.0.50 and all later releases for each major branch.", "description_and_impact": "This vulnerability is a timing\u2011based padding oracle that allows an attacker to recover plaintext from ciphertext encrypted with AES in CBC mode using phpseclib. The flaw is classified as CWE\u2011208 and directly compromises the confidentiality of any data encrypted with this implementation. No other impact such as denial of service or integrity loss is described in the available data.", "risk_and_exploitability": "The CVSS score of 8.2 classifies the flaw as high severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is through any interface that accepts ciphertexts processed by phpseclib AES\u2011CBC; an attacker would need to send ciphertexts and measure the decryption time to determine padding correctness. This condition is feasible for client\u2011server or web\u2011application contexts where response times can be observed. Consequently, the risk of exploitation is considered significant for exposed systems."}}}}, "created": "2026-03-20T08:52:58.676996+00:00", "updated": "2026-03-20T10:37:42.332369+00:00", "vendors": ["phpseclib", "phpseclib$PRODUCT$phpseclib"]}