{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23967", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-19T14:49:06.314Z", "datePublished": "2026-01-22T01:59:30.555Z", "dateUpdated": "2026-01-22T16:03:58.987Z"}, "containers": {"cna": {"title": "sm-crypto Affected by Signature Malleability in SM2-DSA", "problemTypes": [{"descriptions": [{"cweId": "CWE-347", "lang": "en", "description": "CWE-347: Improper Verification of Cryptographic Signature", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-qv7w-v773-3xqm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-qv7w-v773-3xqm"}], "affected": [{"vendor": "JuneAndGreen", "product": "sm-crypto", "versions": [{"version": "< 0.3.14", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-22T01:59:30.555Z"}, "descriptions": [{"lang": "en", "value": "sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14. An attacker can derive a new valid signature for a previously signed message from an existing signature. Version 0.3.14 patches the issue."}], "source": {"advisory": "GHSA-qv7w-v773-3xqm", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-22T16:03:25.576580Z", "id": "CVE-2026-23967", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T16:03:58.987Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23967", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-22T16:03:25.576580Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T16:03:46.053Z"}}], "cna": {"title": "sm-crypto Affected by Signature Malleability in SM2-DSA", "source": {"advisory": "GHSA-qv7w-v773-3xqm", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "JuneAndGreen", "product": "sm-crypto", "versions": [{"status": "affected", "version": "< 0.3.14"}]}], "references": [{"url": "https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-qv7w-v773-3xqm", "name": "https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-qv7w-v773-3xqm", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14. An attacker can derive a new valid signature for a previously signed message from an existing signature. Version 0.3.14 patches the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-347", "description": "CWE-347: Improper Verification of Cryptographic Signature"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-22T01:59:30.555Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23967", "state": "PUBLISHED", "dateUpdated": "2026-01-22T16:03:58.987Z", "dateReserved": "2026-01-19T14:49:06.314Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-22T01:59:30.555Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:juneandgreen:sm-crypto:*:*:*:*:*:*:*:*", "matchCriteriaId": "902F9DFD-B5BC-4BF4-9AF2-CB42F616B3D4", "versionEndExcluding": "0.3.14", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14. An attacker can derive a new valid signature for a previously signed message from an existing signature. Version 0.3.14 patches the issue."}], "id": "CVE-2026-23967", "lastModified": "2026-02-25T15:31:26.013", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-22T03:15:47.167", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-qv7w-v773-3xqm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T03:58:35.646109+00:00", "value": {"mitigation_remediation": ["Upgrade sm-crypto to version 0.3.14 or later to eliminate the malleability flaw.", "Re\u2011verify all critical SM2 signatures that were generated with earlier releases, if possible, to detect any that could have been forged.", "Implement additional checks to validate SM2 signatures against expected message hashes and reject malformed or altered signatures.", "If an upgrade is not immediately feasible, limit the use of the SM2 verification routines to trusted environments and monitor for signature forgeries or authentication anomalies."], "summary": {"action": "Apply Patch", "impact": "Signature Forgery"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to the Jun eAndGreen sm-crypto library in all releases prior to version 0.3.14. The affected product is the JavaScript implementation of Chinese cryptographic algorithms SM2, SM3, and SM4 provided by the JuneAndGreen sm-crypto repository. Upgrading to 0.3.14 or later addresses the issue.", "description_and_impact": "sm-crypto contains a signature malleability flaw in its SM2 signature verification routine that allows an attacker to compute a new valid signature from an existing one. The weakness enables forging of digital signatures, thereby undermining the authentication guarantees of any system that relies on SM2 signatures for integrity or authorization. This is a classic example of improper handling of signature malleability, classified as CWE-347.", "risk_and_exploitability": "The CVSS score of 7.5 places the flaw in the high\u2011severity range, reflecting a significant impact should it be exploited. The current EPSS score is below 1\u202f%, indicating that exploitation attempts are unlikely at present, and the vulnerability is not listed in the CISA KEV catalog. It is inferred that an attacker would need possession of a valid SM2 signature and the corresponding message to craft a forged signature, making the attack more likely in controlled or offline environments where such credentials are available."}}}}, "created": "2026-01-22T10:08:02.028919+00:00", "updated": "2026-04-18T04:00:08.424407+00:00", "vendors": ["juneandgreen", "juneandgreen$PRODUCT$sm-crypto"]}