quantumscan-io/vulnerable-demo-repo

Scanned on Jun 10, 2026

Risk score/ 100

Critical risk

Summary

This repository contains 46 cryptographic vulnerabilities across 8 files, with 21 critical broken algorithms (MD5, 3DES, DES) and 22 high-severity quantum-vulnerable implementations (RSA ≤2048 bits, ECDSA). All asymmetric cryptography is susceptible to quantum attacks via Shor's algorithm, and symmetric algorithms use obsolete or broken ciphers, creating immediate security risks even against classical adversaries.

Critical

High

Medium

Low

Top findings

Critical3DES / TripleDES
csharp/WeakCrypto.cs:16
Raw evidence
```
using var tdes = TripleDES.Create();
```
CriticalMD5
csharp/WeakCrypto.cs:9
SHA3-256 or SHA-256
Raw evidence
```
using var md5 = new MD5CryptoServiceProvider();
```
CriticalMD5
javascript/weak-crypto.js:7
SHA3-256 or SHA-256
Raw evidence
```
return crypto.createHash("md5").update(input).digest("hex");
```
CriticalSHA-1
rust/src/weak_crypto.rs:11
SHA-256 or SHA3-256
Raw evidence
```
use sha1::{Sha1, Digest as Sha1Digest};
```
CriticalSHA-1
rust/src/weak_crypto.rs:30
SHA-256 or SHA3-256
Raw evidence
```
let mut hasher = Sha1::new();
```

+ 41 more findings in the full report

Scan your own repository

Free. Results in ~90 seconds. CBOM + DORA/NIS2 PDF included.

Start a free scan