Codean (@CodeanIO) on Piclur: At Codean Labs, our mission is to make the world more secure — and what better way than to secure fundamental open source projects?We identified CVE-2025-47934, a critical vulnerability in OpenPGP.js to spoof signatures, see <a style="text-decoration: none;" rel="nofollow" target="_blank" href="https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-8qff-qr5q-5pr8">github.com/openpgpjs/open…</a> / Piclur

Codean

May 20

At Codean Labs, our mission is to make the world more secure — and what better way than to secure fundamental open source projects? We identified CVE-2025-47934, a critical vulnerability in OpenPGP.js to spoof signatures, see github.com/openpgpjs/open…

CodeanIO's tweet card. ### Impact A maliciously modified message can be passed to either `openpgp.verify` or `openpgp.decrypt`, causing these functions to return a valid signature verification result while returning dat...

Message signature verification can be spoofed

Source: github.com

United States Trends

1. James Comey 17.4K posts
2. Thanksgiving 151K posts
3. #GEAT_NEWS 1,456 posts
4. Comey and James 11.1K posts
5. Jimmy Cliff 27.3K posts
6. #IDontWantToOverreactBUT 1,415 posts
7. #WooSoxWishList 4,378 posts
8. #NutramentHolidayPromotion N/A
9. #MondayMotivation 14.1K posts
10. The Department of War 10K posts
11. DOGE 239K posts
12. DISMISSED 20.8K posts
13. Sen. Mark Kelly 15.2K posts
14. Monad 178K posts
15. Victory Monday 5,024 posts
16. TOP CALL 5,016 posts
17. Zach Bryan N/A
18. Feast Week 2,276 posts
19. Towson N/A
20. Justin Tucker N/A

Something went wrong.