CVE-2026-23966
- EPSS 0.01%
- Veröffentlicht 22.01.2026 02:06:54
- Zuletzt bearbeitet 25.02.2026 15:30:40
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto prior to version 0.3.14. By interacting with the SM2 decrypt...
CVE-2026-23965
- EPSS 0.01%
- Veröffentlicht 22.01.2026 02:05:43
- Zuletzt bearbeitet 25.02.2026 15:27:23
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configuration...
CVE-2026-23967
- EPSS 0.01%
- Veröffentlicht 22.01.2026 01:59:30
- Zuletzt bearbeitet 25.02.2026 15:31:26
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14. An attack...