Another (non-)standards vs cryptography issue: "any message sent by GPG or Crypto++ in the past 20-something years to one of 2,132 registered public PGP keys had weak or nonexistent security"
https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1 Jeff
