GHSA-hw43-fcmm-3m5g · Severity: high · Ecosystem: maven — Emissary May Use a Broken or Risky Cryptographic Algorithm
Emissary is a P2P-based, data-driven workflow engine. Its ChecksumCalculator class provides hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases (e.g., SHA-1, CRC32, and SSDEEP). These algorithms may be valid for certain non-security-critical tasks, but they can expose users to security risks when used where strong cryptographic guarantees are required. This issue is fixed in 8.24.0.
Conclusion & alert: CVE-2025-27508 is rated Moderate Risk (41.3/100): CVSS High severity, with low exploitation likelihood (EPSS 0.13%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-04-15 | 0.19% | 0.13% | -0.06% |
| 2 | 2026-04-13 | 0.05% | 0.19% | +0.14% |
| 3 | 2025-11-18 | — | 0.05% | — |
Full EPSS history (4 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.5 | 3.1 | HIGH | | 3.9 | 3.6 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| No affected products in dataset. | | | |