CVE-2026-24785
Unknown Unknown - Not Provided
Protocol Compliance Vulnerability in Clatter Noise PQ Handshake Patterns

Publication date: 2026-01-28

Last updated on: 2026-02-27

Assigner: GitHub, Inc.

Description
Clatter is a no_std compatible, pure Rust implementation of the Noise protocol framework with post-quantum support. Versiosn prior to2.2.0 have a protocol compliance vulnerability. The library allowed post-quantum handshake patterns that violated the PSK validity rule (Noise Protocol Framework Section 9.3). This could allow PSK-derived keys to be used for encryption without proper randomization by self-chosen ephemeral randomness, weakening security guarantees and potentially allowing catastrophic key reuse. Affected default patterns include `noise_pqkk_psk0`, `noise_pqkn_psk0`, `noise_pqnk_psk0`, `noise_pqnn_psk0``, and some hybrid variants. Users of these patterns may have been using handshakes that do not meet the intended security properties. The issue is fully patched and released in Clatter v2.2.0. The fixed version includes runtime checks to detect offending handshake patterns. As a workaround, avoid using offending `*_psk0` variants of post-quantum patterns. Review custom handshake patterns carefully.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-28
Last Modified
2026-02-27
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-15
NVD
CVE-2026-24785
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
jmlepisto clatter to 2.2.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Clatter versions prior to 2.2.0, a Rust implementation of the Noise protocol framework with post-quantum support. The issue is a protocol compliance vulnerability where certain post-quantum handshake patterns (specifically those ending with '_psk0') violated the PSK validity rule from the Noise Protocol Framework. This violation allowed PSK-derived keys to be used for encryption without proper randomization by ephemeral randomness, weakening security guarantees and potentially causing catastrophic key reuse. The vulnerability affects default patterns like noise_pqkk_psk0, noise_pqkn_psk0, noise_pqnk_psk0, noise_pqnn_psk0, and some hybrid variants. The issue is fixed in Clatter v2.2.0 with runtime checks to detect offending handshake patterns.

Impact Analysis

This vulnerability can weaken the security of encrypted communications by allowing the reuse of keys derived from pre-shared keys (PSKs) without proper randomization. This can lead to catastrophic key reuse, which compromises the confidentiality and integrity of the communication. Users employing the affected handshake patterns may have handshakes that do not meet the intended security properties, potentially exposing sensitive data to attackers.

Detection Guidance

Detection can be done by checking if your system or application is using Clatter versions prior to 2.2.0 and if it employs the affected post-quantum handshake patterns such as noise_pqkk_psk0, noise_pqkn_psk0, noise_pqnk_psk0, noise_pqnn_psk0, or related hybrid variants. Since the fixed version 2.2.0 includes runtime checks to detect offending handshake patterns, upgrading to this version is recommended. Specific commands are not provided in the available information.

Mitigation Strategies

Immediate mitigation steps include upgrading Clatter to version 2.2.0 or later, which contains the fix and runtime checks for the vulnerability. As a workaround, avoid using the affected *_psk0 variants of post-quantum handshake patterns and carefully review any custom handshake patterns to ensure they comply with the PSK validity rule.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24785. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart