A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have been released to address the flaw. A critical vulnerability, tracked as CVE-2025-47934, in OpenPGP.js allowed spoofing of message signature verification. OpenPGP.js is an open-source JavaScript library that implements the OpenPGP standard for email and data encryption. It allows developers to […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/178131/uncategorized/a-openpgp-js-flaw-lets-attackers-spoof-message-signatures.html
