OpenPGP is the most widely used email encryption standard. It is defined by the OpenPGP Working Group of the Internet Engineering Task Force (IETF) as a Proposed Standard in RFC 4880.
Cure53 conducted a penetration test on OpenPGP (2014). This penetration test was carried out and coordinated by four testers and yielded an overall of 26 issues. Among these findings, Cure53 has classified 12 as vulnerabilities, with 2 issues rated ‘critical’ in regards to their severity.
The full report and summary of findings can be found below.