CVE-2026-41244

Name of the Vulnerable Software and Affected Versions Mojic versions prior to 2.1.4

Description The CipherEngine uses a standard equality operator (!==) to verify the HMAC-SHA256 integrity seal during the decryption phase. This creates an Observable Timing Discrepancy, which is a situation where the time taken to execute a comparison depends on the input, allowing a potential attacker to bypass the file integrity check via a timing attack.

Recommendations Update to version 2.1.4.