{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22025", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-05T22:30:38.718Z", "datePublished": "2026-01-10T00:20:59.338Z", "dateUpdated": "2026-01-13T20:19:08.707Z"}, "containers": {"cna": {"title": "CryptoLib Memory Leak on HTTP Error Response in KMC Client", "problemTypes": [{"descriptions": [{"cweId": "CWE-401", "lang": "en", "description": "CWE-401: Missing Release of Memory after Effective Lifetime", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g"}, {"name": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d", "tags": ["x_refsource_MISC"], "url": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d"}, {"name": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3"}], "affected": [{"vendor": "nasa", "product": "CryptoLib", "versions": [{"version": "< 1.4.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-10T00:20:59.338Z"}, "descriptions": [{"lang": "en", "value": "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP status code, cryptography_encrypt() and cryptography_decrypt() return immediately without freeing previously allocated buffers. Each failed request leaks approximately 467 bytes. Repeated failures (from a malicious server or network issues) can gradually exhaust memory. This issue has been patched in version 1.4.3."}], "source": {"advisory": "GHSA-h74x-vwwr-mm5g", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-13T20:18:57.347847Z", "id": "CVE-2026-22025", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T20:19:08.707Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22025", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-05T22:30:38.718Z", "datePublished": "2026-01-10T00:20:59.338Z", "dateUpdated": "2026-01-13T20:19:08.707Z"}, "containers": {"cna": {"title": "CryptoLib Memory Leak on HTTP Error Response in KMC Client", "problemTypes": [{"descriptions": [{"cweId": "CWE-401", "lang": "en", "description": "CWE-401: Missing Release of Memory after Effective Lifetime", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g"}, {"name": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d", "tags": ["x_refsource_MISC"], "url": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d"}, {"name": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3"}], "affected": [{"vendor": "nasa", "product": "CryptoLib", "versions": [{"version": "< 1.4.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-10T00:20:59.338Z"}, "descriptions": [{"lang": "en", "value": "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP status code, cryptography_encrypt() and cryptography_decrypt() return immediately without freeing previously allocated buffers. Each failed request leaks approximately 467 bytes. Repeated failures (from a malicious server or network issues) can gradually exhaust memory. This issue has been patched in version 1.4.3."}], "source": {"advisory": "GHSA-h74x-vwwr-mm5g", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22025", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-13T20:18:57.347847Z"}}}], "references": [{"url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T20:19:05.716Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nasa:cryptolib:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE1BE91E-2901-42AF-BC66-762CFA7A2582", "versionEndExcluding": "1.4.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP status code, cryptography_encrypt() and cryptography_decrypt() return immediately without freeing previously allocated buffers. Each failed request leaks approximately 467 bytes. Repeated failures (from a malicious server or network issues) can gradually exhaust memory. This issue has been patched in version 1.4.3."}], "id": "CVE-2026-22025", "lastModified": "2026-01-16T16:39:52.060", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-10T01:16:18.703", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-h74x-vwwr-mm5g"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}, {"lang": "en", "value": "CWE-770"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T19:16:35.726543+00:00", "value": {"mitigation_remediation": ["Apply the official CryptoLib patch by upgrading to version\u202f1.4.3 or later.", "Configure the KMC client to handle non\u2011200 responses promptly and limit the number of retry attempts to mitigate resource exhaustion.", "In environments where the patch cannot be applied immediately, monitor the memory usage of CryptoLib\u2011dependent processes and restart or terminate services before memory exhaustion occurs to prevent denial of service."], "summary": {"action": "Patch", "impact": "Memory Leak leading to Denial of Service"}, "threat_synthesis": {"affected_systems": "The affected system is the NASA CryptoLib package. All releases before 1.4.3, including 1.4.2 and earlier versions, are vulnerable. Any deployment that uses CryptoLib for cryptographic functions in KMC client applications is impacted.", "description_and_impact": "CryptoLib implements the CCSDS Space Data Link Security Protocol \u2013 Extended Procedures for secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions before 1.4.3, if the KMC client receives a non\u2011200 HTTP response, the cryptography_encrypt() and cryptography_decrypt() functions return immediately without freeing previously allocated buffers, leaking approximately 467 bytes of memory with each failure. Repeated failures can accumulate enough leaked data to exhaust available memory, potentially causing application crashes or degraded performance, and thereby leading to service disruption. The vulnerability maps to CWE\u2011401 (Memory Leak) and CWE\u2011770 (Out\u2011of\u2011Band Resource Exhaustion).", "risk_and_exploitability": "The CVSS score of 6.3 indicates moderate severity. The EPSS score of less than 1\u202f% suggests a very low probability of exploitation at this time, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to trigger multiple failed HTTP interactions with a KMC client, either by controlling a malicious KMC server or by inducing network errors. The impact is limited to increased memory consumption and potential denial of service, with no direct compromise of data confidentiality or integrity."}}}}, "created": "2026-01-12T14:36:48.506532+00:00", "updated": "2026-04-18T19:30:08.952630+00:00", "vendors": ["nasa", "nasa$PRODUCT$cryptolib"]}