CVE-2026-23965
Unknown Unknown - Not Provided

SM2 Signature Forgery in sm-crypto Allows Arbitrary Signature Creation

Vulnerability report for CVE-2026-23965, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-22

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for arbitrary public keys. If the message space contains sufficient redundancy, the attacker can fix the prefix of the message associated with the forged signature to satisfy specific formatting requirements. Version 0.4.0 patches the issue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-22
Last Modified
2026-02-25
Generated
2026-07-06
AI Q&A
2026-01-22
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
juneandgreen sm-crypto to 0.4.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a signature forgery flaw in the SM2 digital signature verification logic of the sm-crypto JavaScript library versions prior to 0.4.0. It allows an attacker to forge valid digital signatures for arbitrary public keys without any privileges or user interaction. The attacker can also craft the message prefix to meet specific formatting requirements if the message space has enough redundancy. The root cause is improper verification of cryptographic signatures, which was fixed by changing the default behavior to perform SM3 hashing before signature verification in version 0.4.0. [1, 2]

Impact Analysis

This vulnerability can lead to a high integrity breach by allowing attackers to forge valid digital signatures. This means attackers can impersonate legitimate users or systems, bypass authentication, or authorize malicious actions without detection. However, it does not affect confidentiality or availability. The attack can be performed remotely with low complexity and no privileges required. [2]

Mitigation Strategies

Upgrade the sm-crypto library to version 0.4.0 or later, which patches the signature forgery vulnerability by changing the default behavior of the SM2 sign and verify functions to perform SM3 hashing before signing or verifying. Avoid using versions prior to 0.4.0 to prevent exploitation of this vulnerability. [1, 2]

Compliance Impact

The vulnerability allows an attacker to forge valid digital signatures, resulting in a high integrity breach. This undermines the trustworthiness and authenticity of data or communications protected by the sm-crypto library. Such integrity violations can negatively impact compliance with standards and regulations like GDPR and HIPAA, which require ensuring data integrity and authenticity to protect personal and sensitive information. Therefore, using vulnerable versions of sm-crypto prior to 0.4.0 could lead to non-compliance risks related to data integrity requirements. [2]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23965. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart