CVE-2026-26014
Analyzed Analyzed - Analysis Complete
Nonce Reuse Vulnerability in Pion DTLS Enables Key Spoofing

Publication date: 2026-02-11

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack". Upgrade to v3.0.11, v3.1.1, or later.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-11
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-11
EPSS Evaluated
2026-06-14
NVD
CVE-2026-26014
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pion dtls to 3.1.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Pion DTLS, a Go implementation of Datagram Transport Layer Security, specifically in versions v1.0.0 through v3.1.0. It involves the use of random nonce generation with AES GCM ciphers that can lead to nonce reuse within a session. This nonce reuse makes it easier for remote attackers to obtain the authentication key and perform a "forbidden attack," allowing them to spoof data.

Impact Analysis

The vulnerability can allow remote attackers to obtain the authentication key used in the DTLS session. This can lead to data spoofing, where attackers can inject or alter data in the communication stream without detection. Such an attack compromises the integrity and authenticity of the data transmitted, potentially leading to unauthorized actions or misinformation.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, upgrade Pion DTLS to version v3.1.0 or later.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-26014. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart