CVE-2026-22696
Unknown Unknown - Not Provided
Cryptographic Verification Bypass in dcap-qvl Enables Quote Forgery

Publication date: 2026-01-26

Last updated on: 2026-01-26

Assigner: GitHub, Inc.

Description
dcap-qvl implements the quote verification logic for DCAP (Data Center Attestation Primitives). A vulnerability present in versions prior to 0.3.9 involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral (including qe_identity, qe_identity_signature, and qe_identity_issuer_chain) from the PCCS. However, it skips to verify the QE Identity signature against its certificate chain and does not enforce policy constraints on the QE Report. An attacker can forge the QE Identity data to whitelist a malicious or non-Intel Quoting Enclave. This allows the attacker to forge the QE and sign untrusted quotes that the verifier will accept as valid. Effectively, this bypasses the entire remote attestation security model, as the verifier can no longer trust the entity responsible for signing the quotes. All deployments utilizing the dcap-qvl library for SGX or TDX quote verification are affected. The vulnerability has been patched in dcap-qvl version 0.3.9. The fix implements the missing cryptographic verification for the QE Identity signature and enforces the required checks for MRSIGNER, ISVPRODID, and ISVSVN against the QE Report. Users of the `@phala/dcap-qvl-node` and `@phala/dcap-qvl-web` packages should switch to the pure JavaScript implementation, `@phala/dcap-qvl`. There are no known workarounds for this vulnerability. Users must upgrade to the patched version to ensure that QE Identity collateral is properly verified.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-26
Last Modified
2026-01-26
Generated
2026-05-27
AI Q&A
2026-01-27
EPSS Evaluated
2026-05-25
NVD
CVE-2026-22696
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
phala dcap-qvl to 0.3.9 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the dcap-qvl library versions prior to 0.3.9, which is responsible for verifying quotes in Intel SGX or TDX environments. The issue is that the library fails to verify the QE Identity signature against its certificate chain and does not enforce policy constraints on the QE Report. This allows an attacker to forge QE Identity data to whitelist a malicious or non-Intel Quoting Enclave, enabling them to sign untrusted quotes that the verifier will accept as valid. Essentially, this bypasses the remote attestation security model, making the verifier unable to trust the entity signing the quotes.


How can this vulnerability impact me? :

The vulnerability allows attackers to forge quotes that appear valid to the verifier, effectively bypassing the remote attestation security model. This means that untrusted or malicious enclaves can be accepted as legitimate, potentially leading to unauthorized access, data breaches, or execution of malicious code within trusted environments relying on SGX or TDX quote verification.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you must upgrade the dcap-qvl library to version 0.3.9 or later, which includes the necessary cryptographic verification for the QE Identity signature and enforces policy checks on the QE Report. Users of the @phala/dcap-qvl-node and @phala/dcap-qvl-web packages should switch to the pure JavaScript implementation, @phala/dcap-qvl. There are no known workarounds, so upgrading is essential to ensure security.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart