[CYBERDIGEST]
⊞ Dashboard ⚡ Intelligence 📝 Reports 📚 Global Threats 💻 Hack Lab 🗄️ Resources ⌬ 0xJerry's Lab
📡 RSS Feed
System Online

Tag

#TLS

blogHIGH 8.2

Understanding the OnGres SCRAM Silent Channel-Binding Authentication Downgrade Vulnerability

A flaw in the OnGres SCRAM library allows an attacker to silently downgrade a connection from SCRAM-SHA-256-PLUS (with channel binding) to standard SCRAM-SHA-256 (without channel binding), bypassing strict client-side enforcement policies. This vulnerability has a CVSS score of 8.2 and is tracked under CVE-2026-53712.

Jul 2, 20261 source