正在跳转... https://securityonline.info/critical-openpgp-js-flaw-allows-message-signature-spoofing/