umbraco/Umbraco-CMS

Summary

Umbraco CMS uses RSA-2048 for signing keys in its API authentication layer, which is vulnerable to future quantum attacks via Shor's algorithm. With one high-severity quantum-vulnerable finding in authentication infrastructure, the system faces significant long-term cryptographic risk. Migration to post-quantum signature schemes is recommended within the next 2-3 years to maintain security guarantees.