CVE-2025-64767 | dajiaji hpke-js up to 1.7.4 Seal nonce re-use (GHSA-73g8-5h73-26h4)

November 21, 2025 Yanac

A vulnerability was found in dajiaji hpke-js up to 1.7.4. It has been declared as critical. The affected element is the function Seal. Executing manipulation can lead to reusing a nonce.

This vulnerability is tracked as CVE-2025-64767. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-36149 | IBM Concert Software up to 2.0.0 ui layer
CVE-2025-13470 | Ribose RNP 0.18.0 stream-write.cpp encrypted_build_skesk random values (EUVD-2025-198494)