Skip to content
QuantumScanPublic scan report

Repository

golang/crypto

Scanned on May 13, 2026

72

Risk score/ 100

High risk

Summary

The golang/crypto repository contains critical cryptographic vulnerabilities including the use of broken RC2 cipher and quantum-vulnerable Ed25519 signature algorithms. These findings pose significant risks to long-term data confidentiality and authentication integrity in a post-quantum threat landscape.

Critical

1

High

4

Medium

0

Low

0

Top findings

  • CriticalRC2

    pkcs12/internal/rc2/bench_test.go:5

  • HighEd25519 / EdDSA

    ed25519/ed25519_test.go:18

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA

  • HighEd25519 / EdDSA

    ed25519/ed25519_test.go:19

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA

  • HighEd25519 / EdDSA

    ed25519/ed25519_test.go:8

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA

  • HighEd25519 / EdDSA

    ed25519/ed25519_test.go:11

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA

Scan your own repository

Free. Results in ~90 seconds. CBOM + DORA/NIS2 PDF included.

Start a free scan