Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-22025

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP status code, cryptography_encrypt() and cryptography_decrypt() return immediately without freeing previously allocated buffers. Each failed request leaks approximately 467 bytes. Repeated failures (from a malicious server or network issues) can gradually exhaust memory. This issue has been patched in version 1.4.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.7%
CVSS Severity
CVSS v3 Score 3.7
Products affected by CVE-2026-22025
  • Nasa » Cryptolib » Version: 1.0.0
    cpe:2.3:a:nasa:cryptolib:1.0.0
  • Nasa » Cryptolib » Version: 1.0.1
    cpe:2.3:a:nasa:cryptolib:1.0.1
  • Nasa » Cryptolib » Version: 1.0.2
    cpe:2.3:a:nasa:cryptolib:1.0.2
  • Nasa » Cryptolib » Version: 1.0.3
    cpe:2.3:a:nasa:cryptolib:1.0.3
  • Nasa » Cryptolib » Version: 1.1.0
    cpe:2.3:a:nasa:cryptolib:1.1.0
  • Nasa » Cryptolib » Version: 1.1.1
    cpe:2.3:a:nasa:cryptolib:1.1.1
  • Nasa » Cryptolib » Version: 1.2.0
    cpe:2.3:a:nasa:cryptolib:1.2.0
  • Nasa » Cryptolib » Version: 1.2.1
    cpe:2.3:a:nasa:cryptolib:1.2.1
  • Nasa » Cryptolib » Version: 1.2.2
    cpe:2.3:a:nasa:cryptolib:1.2.2
  • Nasa » Cryptolib » Version: 1.2.3
    cpe:2.3:a:nasa:cryptolib:1.2.3
  • Nasa » Cryptolib » Version: 1.3.0
    cpe:2.3:a:nasa:cryptolib:1.3.0
  • Nasa » Cryptolib » Version: 1.3.1
    cpe:2.3:a:nasa:cryptolib:1.3.1
  • Nasa » Cryptolib » Version: 1.3.2
    cpe:2.3:a:nasa:cryptolib:1.3.2
  • Nasa » Cryptolib » Version: 1.3.3
    cpe:2.3:a:nasa:cryptolib:1.3.3
  • Nasa » Cryptolib » Version: 1.4.0
    cpe:2.3:a:nasa:cryptolib:1.4.0
  • Nasa » Cryptolib » Version: 1.4.1
    cpe:2.3:a:nasa:cryptolib:1.4.1
  • Nasa » Cryptolib » Version: 1.4.2
    cpe:2.3:a:nasa:cryptolib:1.4.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved