Skip to content
QuantumScanPublic scan report

Repository

monero-project/monero

Scanned on Jun 5, 2026

78

Risk score/ 100

High risk

Summary

Monero's codebase contains critical quantum-vulnerable cryptographic implementations including MD5 for HTTP authentication, RSA key generation without quantum resistance, and ECDSA cipher suites. While the core Monero protocol uses quantum-resistant primitives, the networking and authentication layers expose significant post-quantum vulnerabilities that could compromise secure communications and authentication mechanisms.

Critical

6

High

3

Medium

0

Low

0

Top findings

  • CriticalMD5

    contrib/epee/src/http_auth.cpp:110

    SHA3-256 or SHA-256

  • CriticalMD5

    contrib/epee/src/http_auth.cpp:144

    SHA3-256 or SHA-256

  • CriticalSSLv2 / SSLv3

    contrib/epee/src/net_ssl.cpp:210

  • CriticalSSLv2 / SSLv3

    contrib/epee/src/net_ssl.cpp:211

  • CriticalTLS 1.0 / 1.1

    contrib/epee/src/net_ssl.cpp:212

+ 4 more findings in the full report

Scan your own repository

Free. Results in ~90 seconds. CBOM + DORA/NIS2 PDF included.

Start a free scan