Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-4601

Summary
Assigner-snyk
Assigner Org ID-bae035ff-b466-4ff4-94d0-fc9efd9e1730
Published At-23 Mar, 2026 | 05:00
Updated At-23 Mar, 2026 | 14:41
Rejected At-
Credits

Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:snyk
Assigner Org ID:bae035ff-b466-4ff4-94d0-fc9efd9e1730
Published At:23 Mar, 2026 | 05:00
Updated At:23 Mar, 2026 | 14:41
Rejected At:
▼CVE Numbering Authority (CNA)

Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.

Affected Products
Vendor
n/a
Product
jsrsasign
Versions
Affected
  • From 0 before 11.1.1 (semver)
Problem Types
TypeCWE IDDescription
N/AN/AMissing Cryptographic Step
Type: N/A
CWE ID: N/A
Description: Missing Cryptographic Step
Metrics
VersionBase scoreBase severityVector
3.18.7HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:P
4.09.4CRITICAL
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P
Version: 3.1
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:P
Version: 4.0
Base score: 9.4
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Kr0emer
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941
N/A
https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586
N/A
https://github.com/kjur/jsrsasign/pull/645
N/A
https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb
N/A
Hyperlink: https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941
Resource: N/A
Hyperlink: https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586
Resource: N/A
Hyperlink: https://github.com/kjur/jsrsasign/pull/645
Resource: N/A
Hyperlink: https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:report@snyk.io
Published At:23 Mar, 2026 | 06:16
Updated At:22 Jun, 2026 | 03:18

Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.8HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.18.7HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Primary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
N/A
Type: Secondary
Version: 4.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Type: Primary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches
kjur
kjur
>>jsrsasign>>Versions before 11.1.1(exclusive)
cpe:2.3:a:kjur:jsrsasign:*:*:*:*:*:node.js:*:*
Weaknesses
CWE IDTypeSource
CWE-325Secondaryreport@snyk.io
CWE ID: CWE-325
Type: Secondary
Source: report@snyk.io
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586report@snyk.io
Exploit
Mitigation
Third Party Advisory
https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0ebreport@snyk.io
Patch
https://github.com/kjur/jsrsasign/pull/645report@snyk.io
Issue Tracking
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941report@snyk.io
Third Party Advisory
Hyperlink: https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586
Source: report@snyk.io
Resource:
Exploit
Mitigation
Third Party Advisory
Hyperlink: https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb
Source: report@snyk.io
Resource:
Patch
Hyperlink: https://github.com/kjur/jsrsasign/pull/645
Source: report@snyk.io
Resource:
Issue Tracking
Hyperlink: https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941
Source: report@snyk.io
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

3Records found
CVE-2026-4599
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-9.3||CRITICAL
EPSS-0.34% / 26.29%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 05:00
Updated-22 Jun, 2026 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.

Action-Not Available
Vendor-kjurn/a
Product-jsrsasignjsrsasign
CWE ID-CWE-1023
Incomplete Comparison with Missing Factors
CVE-2021-30246
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.96% / 56.93%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 20:11
Updated-22 Jun, 2026 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the jsrsasign package through 10.1.13 for Node.js, some invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid. NOTE: there is no known practical attack.

Action-Not Available
Vendor-kjurn/a
Product-jsrsasignn/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2026-4600
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-9.1||CRITICAL
EPSS-0.15% / 4.80%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 05:00
Updated-22 Jun, 2026 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions of the package jsrsasign before 11.1.1 are vulnerable to Improper Verification of Cryptographic Signature via the DSA domain-parameter validation in KJUR.crypto.DSA.setPublic (and the related DSA/X509 verification flow in src/dsa-2.0.js). An attacker can forge DSA signatures or X.509 certificates that X509.verifySignature() accepts by supplying malicious domain parameters such as g=1, y=1, and a fixed r=1, which make the verification equation true for any hash.

Action-Not Available
Vendor-kjurn/a
Product-jsrsasignjsrsasign
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
Details not found