Sign In Get Started

Security NewsMediumIncidentvulnerability

CVE-2025-30258 In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."

UnknownApr 15, 2026(28 days ago)

A vulnerability in GnuPG before 2.5.5 can cause a denial of service (DoS) affecting signature verification due to crafted subkey data.

Information published.

Related CVEs

Related News

PROFECO Institutional Program 2026–2030: Compliance takeaways for companies operating in Mexico

Unknown31 minutes ago

Phase One IEEPA Tariff Refunds Are Hitting Bank Accounts: What Importers Should Do Now and Implications for the Secondary Market in Refund Rights

Unknown35 minutes ago

Nebraska Makes Last-Minute Changes to Age Appropriate Online Design Code Act

Unknown36 minutes ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.