CVE-2026-4601
Last modified
CVE-2026-4601 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.. EPSS estimates a 0.22% chance of exploitation in the next 30 days.
Description
Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Kjur | Jsrsasign | < 11.1.1 |
References
- https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586Exploit, Mitigation, Third Party Advisory
- https://github.com/kjur/jsrsasign/pull/645Issue Tracking
- https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-4601?
How severe is CVE-2026-4601?
How do I fix CVE-2026-4601?
Are you affected by CVE-2026-4601?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST