CVE-2026-5588
Published: Apr 15, 2026
Modified: May 18, 2026
Description
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules). This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java. This issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.
| Vendor | Product | Versions |
|---|---|---|
Legion of the Bouncy Castle Inc. | BC-JAVA | affected 1.67 - < 1.80.2affected 1.81 - < 1.81.1affected 1.82 - < 1.84 |
Legion of the Bouncy Castle Inc. | BCPKIX-FIPS | affected 2.0.6 - < 2.0.11affected 2.1.7 - < 2.1.11 |
Legion of the Bouncy Castle Inc. | BCPIX-LTS | affected 2.73.7 - < 2.73.11 |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now