CVE-2026-4601

Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.

CVSS v3 8.7 HIGH

8.7^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.8

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586	Exploit Mitigation Third Party Advisory
https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb	Patch
https://github.com/kjur/jsrsasign/pull/645	Issue Tracking
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jsrsasign_project:jsrsasign:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2026-03-23 06:16

Updated : 2026-03-23 16:10

NVD link : CVE-2026-4601

Mitre link : CVE-2026-4601

CVE.ORG link : CVE-2026-4601

JSON object : View

Products Affected

jsrsasign_project

jsrsasign

CWE

CWE-325

Missing Cryptographic Step

{"id": "CVE-2026-4601", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "report@snyk.io", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-23T06:16:21.893", "references": [{"url": "https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb", "tags": ["Patch"], "source": "report@snyk.io"}, {"url": "https://github.com/kjur/jsrsasign/pull/645", "tags": ["Issue Tracking"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941", "tags": ["Third Party Advisory"], "source": "report@snyk.io"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "report@snyk.io", "description": [{"lang": "en", "value": "CWE-325"}]}], "descriptions": [{"lang": "en", "value": "Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature."}, {"lang": "es", "value": "Las versiones del paquete jsrsasign anteriores a la 11.1.1 son vulnerables a Paso Criptogr\u00e1fico Faltante a trav\u00e9s del proceso KJUR.crypto.DSA.signWithMessageHash en la implementaci\u00f3n de firma DSA. Un atacante puede recuperar la clave privada forzando a r o s a ser cero, de modo que la biblioteca emite una firma inv\u00e1lida sin reintentar, y luego resuelve para x a partir de la firma resultante."}], "lastModified": "2026-03-23T16:10:01.390", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jsrsasign_project:jsrsasign:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "1EBBE1A6-4D19-4ED2-859C-73AFBDA25DEA", "versionEndExcluding": "11.1.1"}], "operator": "OR"}]}], "sourceIdentifier": "report@snyk.io"}