CVE-2026-5598

CVSS v4.0

8.9

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red

Name of the Vulnerable Software and Affected Versions BC-JAVA versions 1.71 through 1.83

Description A covert timing channel exists in the BC-JAVA core modules, specifically associated with the program files FrodoEngine.Java. A covert timing channel is a method of transferring information from one process to another by manipulating the timing of events.

Recommendations Update to version 1.84.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-385

Related Identifiers

CLEANSTART-2026-PK73499

CLEANSTART-2026-PO27799

CLEANSTART-2026-VJ37814

CVE-2026-5598

GHSA-P93R-85WP-75V3

OPENSUSE-SU-2026:10571-1

RHSA-2026:12267

Affected Products

Bc-Java

CVE-2026-5598

Weakness Enumeration

Related Identifiers

Affected Products

References · 101