A critical security vulnerability has been found in OpenPGP.js, a widely used JavaScript cryptography library that enables secure encrypted communications and digital signature verification in web-based applications.
This flaw, designated as CVE-2025-47934, exposed users to the risk of digital signature spoofing, potentially undermining the foundation of trust upon which encrypted communications and document signing are based.
https://cyberpress.org/critical-weaknes ... es-forged/