CWE-325Missing Cryptographic Step

Abstraction: Base · CVEs in our corpus: 44

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control	Title	Family	Why it addresses this CWE
No NIST controls proposed yet.

CVE	Risk	CVSS	EPSS	Published
`CVE-2020-15086`	2.2	9.8	0.0368	2020-07-29
`CVE-2022-24116`	2.0	9.8	0.0008	2022-12-26
`CVE-2020-15098`	1.9	8.8	0.0236	2020-07-29
`CVE-2026-4601`	1.7	8.7	0.0002	2026-03-23
`CVE-2021-33560`	1.5	7.5	0.0043	2021-06-08
`CVE-2021-22946`	1.5	7.5	0.0006	2021-09-29
`CVE-2022-20742`	1.5	7.4	0.0013	2022-05-03
`CVE-2023-28999`	1.5	6.9	0.0128	2023-04-04
`CVE-2023-46129`	1.5	7.5	0.0015	2023-10-31
`CVE-2025-60704`	1.5	7.5	0.0004	2025-11-11
`CVE-2026-22863`	1.5	7.5	0.0001	2026-01-15
`CVE-2026-4258`	1.5	7.5	0.0002	2026-03-17
`CVE-2026-41395`	1.5	7.5	0.0002	2026-04-28
`CVE-2018-5383`	1.4	6.8	0.0017	2018-08-07
`CVE-2019-3738`	1.4	6.5	0.0097	2019-09-18
`CVE-2020-26244`	1.4	6.8	0.0015	2020-12-02
`CVE-2023-28998`	1.4	6.7	0.0079	2023-04-04
`CVE-2022-20793`	1.4	6.8	0.0011	2024-11-15
`CVE-2025-3938`	1.4	6.8	0.0017	2025-05-22
`CVE-2025-47383`	1.4	7.2	0.0002	2026-03-02
`CVE-2022-1279`	1.3	6.5	0.0008	2022-04-14
`CVE-2022-29229`	1.3	6.3	0.0010	2022-05-18
`CVE-2023-34471`	1.3	6.3	0.0008	2023-07-05
`CVE-2024-43547`	1.3	6.5	0.0019	2024-10-08
`CVE-2016-9574`	1.2	5.9	0.0018	2018-07-19