CVE-2026-8149
Awaiting Analysis Awaiting Analysis - Queue
Legion of the Bouncy Castle BC-FJA BC-FIPS Buffer Overflow

Publication date: 2026-05-08

Last updated on: 2026-05-19

Assigner: bcorg

Description
A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-LTS: from 2.73.0 before 2.73.11.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-19
Generated
2026-06-19
AI Q&A
2026-05-08
EPSS Evaluated
2026-06-18
NVD
CVE-2026-8149
EUVD
EUVD-2026-28534
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
legion_of_the_bouncy_castle_inc bc-fja From 2.1.0 (inc) to 2.1.2 (inc)
legion_of_the_bouncy_castle_inc bc-fips *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1068 The implementation of the product is not consistent with the design as described within the relevant documentation.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects Legion of the Bouncy Castle Inc.'s BC-FJA and BC-FIPS software on Linux systems using X86_64 architecture with AVX and AVX-512f instruction sets. It is related to the program files gcm128w and gcm512w and impacts versions 2.1.0 through 2.1.2 of BC-FJA.

Impact Analysis

The vulnerability has a CVSS v4.0 base score of 5.1, indicating a moderate severity. It involves local attack vector with low complexity and no privileges or user interaction required. The exact impact details are not specified, but given the affected components relate to cryptographic functions (gcm128w, gcm512w), it could potentially affect the security or integrity of cryptographic operations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8149. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart