https://ostif.org/the-veracrypt-audit-results/ https://ostif.org/wp-content/uploads/2016/10/VeraCrypt-Audit-Final-for-Public-Release.pdf https://ostif.org/ostif-quarklab-and-veracrypt-e-mails-are-being-intercepted/
VeraCrypt 1.18 and its bootloaders were evaluated. This release included a number of new features including non-western developed encryption options, a boot loader that supports UEFI (modern BIOSes), and more. QuarksLab found: 8 Critical Vulnerabilities 3 Medium Vulnerabilities 15 Low or Informational Vulnerabilities / Concerns This public disclosure of these vulnerabilities coincides with the release of VeraCrypt 1.19 which fixes the vast majority of these high priority concerns. Some of these issues have not been fixed due to high complexity for the proposed fixes, but workarounds have been presented in the documentation for VeraCrypt.