Security Vulnerability Report
CVE-2026-23965 CVSS 7.5 HIGH

CVE-2026-23965

Published: 2026-01-22 03:15:47
Last Modified: 2026-02-25 15:27:24

Description

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for arbitrary public keys. If the message space contains sufficient redundancy, the attacker can fix the prefix of the message associated with the forged signature to satisfy specific formatting requirements. Version 0.4.0 patches the issue.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:juneandgreen:sm-crypto:*:*:*:*:*:*:*:* - VULNERABLE
sm-crypto < 0.4.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```javascript
// CVE-2026-23965: SM2 Signature Forgery PoC
// This PoC demonstrates the signature forgery vulnerability in sm-crypto < 0.4.0
const sm2 = require('sm-crypto').sm2;

// Original key pair
const originalKeyPair = sm2.generateKeyPair();
const originalPublicKey = originalKeyPair.publicKey;
const originalPrivateKey = originalKeyPair.privateKey;

// Attacker obtains the target public key
const targetPublicKey = originalPublicKey;

// Forge signature for arbitrary message using the vulnerability
// Note: This is a conceptual PoC - actual exploitation requires specific conditions
function forgeSignature(publicKey, message) {
  // In vulnerable versions (< 0.4.0), the signature verification
  // does not properly validate all signature components.
  // Attackers can forge signatures by manipulating the signature components
  // so that the verifier's check still holds. Standard SM2 verification computes
  // t = (r + s) mod n, (x1, y1) = s*G + t*P and accepts when (e + x1) mod n == r.
  // The forged signature structure:
  const forgedR = 'some_value'; // Manipulated R value (placeholder)
  const forgedS = 'some_value'; // Manipulated S value (placeholder)
  // For specific messages with redundant prefixes,
  // attackers can adjust the message to satisfy format requirements
  return {
    forgeR: forgedR,
    forgeS: forgedS,
    forgedMessage: adjustMessagePrefix(message),
  };
}

function adjustMessagePrefix(message) {
  // If message has sufficient redundancy, attacker can fix the prefix
  // to meet specific formatting requirements in signature verification
  return message; // Simplified - actual exploitation is more complex
}

// Verify the forged signature (should pass in vulnerable versions)
const testMessage = 'Sensitive data requiring authentication';
const forgedSig = forgeSignature(targetPublicKey, testMessage);

// In vulnerable version, forged signature may pass verification
// const isValid = sm2.verify(
//   { r: forgedSig.forgeR, s: forgedSig.forgeS },
//   forgedSig.forgedMessage,
//   targetPublicKey
// );

console.log('CVE-2026-23965 - SM2 Signature Forgery PoC');
console.log('Target Public Key:', targetPublicKey);
console.log('Test Message:', testMessage);
console.log('Forged Signature Components:', forgedSig);
console.log('Vulnerability: sm-crypto < 0.4.0');
console.log('Fix: Upgrade to version 0.4.0 or later');
```

Weakness

CWE-347 (Improper Verification of Cryptographic Signature)

References

https://github.com/JuneAndGreen/sm-crypto/commit/85295a859d0766222d12ce2be3e6fce7b438b510 - Patch
https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-hpwg-xg7m-3p6m - Vendor Advisory
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-23965",
    "sourceIdentifier": "[email protected]",
    "published": "2026-01-22T03:15:46.860",
    "lastModified": "2026-02-25T15:27:23.550",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for arbitrary public keys. If the message space contains sufficient redundancy, the attacker can fix the prefix of the message associated with the forged signature to satisfy specific formatting requirements. Version 0.4.0 patches the issue."
      },
      {
        "lang": "es",
        "value": "sm-crypto proporciona implementaciones de JavaScript de los algoritmos criptográficos chinos SM2, SM3 y SM4. Hay una vulnerabilidad de falsificación de firma en la lógica de verificación de firma SM2 de sm-crypto anterior a la versión 0.4.0. En configuraciones predeterminadas, un atacante puede falsificar firmas válidas para claves públicas arbitrarias. Si el espacio de mensajes contiene suficiente redundancia, el atacante puede fijar el prefijo del mensaje asociado con la firma falsificada para satisfacer requisitos de formato específicos. La versión 0.4.0 corrige el problema."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [{"lang": "en", "value": "CWE-347"}]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:juneandgreen:sm-crypto:*:*:*:*:*:*:*:*",
                "versionEndExcluding": "0.4.0",
                "matchCriteriaId": "1E895E89-0BB9-45B8-8DEF-8598D9494916"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://github.com/JuneAndGreen/sm-crypto/commit/85295a859d0766222d12ce2be3e6fce7b438b510",
        "source": "[email protected]",
        "tags": ["Patch"]
      },
      {
        "url": "https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-hpwg-xg7m-3p6m",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}
```