CVE-2026-34610
Received Received - Intake
Integer Overflow in leancrypto CN Parsing Enables Identity Impersonation

Publication date: 2026-04-02

Last updated on: 2026-04-24

Assigner: GitHub, Inc.

Description
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lc_x509_extract_name_segment() casts size_t vlen to uint8_t when storing the Common Name (CN) length. An attacker who crafts a certificate with CN = victim's CN + 256 bytes padding gets cn_size = (uint8_t)(256 + N) = N, where N is the victim's CN length. The first N bytes of the attacker's CN are the victim's identity. After parsing, the attacker's certificate has an identical CN to the victim's β€” enabling identity impersonation in PKCS#7 verification, certificate chain matching, and code signing. This issue has been patched in version 1.7.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-02
Last Modified
2026-04-24
Generated
2026-06-16
AI Q&A
2026-04-02
EPSS Evaluated
2026-06-15
NVD
CVE-2026-34610
EUVD
EUVD-2026-18466
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
leancrypto leancrypto to 1.7.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-681 When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in the leancrypto library involves an integer truncation bug in the function that parses the Common Name (CN) field of X.509 certificates. Specifically, the length of the CN is cast from a larger size type to an 8-bit integer, causing overflow when the CN length exceeds 255 bytes. An attacker can craft a malicious certificate with a CN that includes the victim's CN plus 256 bytes of padding. Due to the truncation, the stored CN length wraps around, making the attacker’s CN appear identical to the victim’s CN during parsing.

This flaw allows the attacker to impersonate the victim's identity in certificate verification processes such as PKCS#7 signature verification, certificate chain matching, and code signing. The root cause is improper type casting leading to data truncation and partial matching of subject names, enabling identity spoofing.

Impact Analysis

This vulnerability can allow an attacker to impersonate another entity by crafting a malicious certificate that appears to have the same Common Name (CN) as a legitimate certificate. This impersonation can be exploited in security-sensitive operations such as PKCS#7 signature verification, certificate chain validation, and code signing.

As a result, an attacker could bypass identity checks, potentially leading to unauthorized code execution or trust bypass. The vulnerability affects the integrity of the system by allowing identity spoofing, although it does not impact confidentiality or availability.

Detection Guidance

This vulnerability involves a flaw in the parsing of X.509 certificate Common Name (CN) fields where the CN length is truncated due to casting from size_t to uint8_t. Detection involves identifying certificates with unusually long CN fields (greater than 255 bytes) that could exploit this truncation.

To detect this on your system or network, you can inspect certificates used in your environment for CN fields exceeding 255 bytes. Commands that parse and display certificate subject names can help identify suspicious certificates.

  • Use OpenSSL to inspect certificate CN length: `openssl x509 -in certificate.pem -noout -subject` and check if the CN component length is suspiciously long.
  • Extract the CN field length programmatically, for example using OpenSSL and parsing the output with scripting languages (e.g., Python, Bash) to flag CNs longer than 255 bytes.
  • Monitor certificate chains and PKCS#7 signatures for unexpected identity matches or duplicates that could indicate impersonation attempts.
Mitigation Strategies

The primary mitigation is to upgrade the leancrypto library to version 1.7.1 or later, where the vulnerability has been fixed by correcting the size handling of X.509 subject name components.

If upgrading immediately is not possible, consider implementing strict certificate validation policies that reject certificates with unusually long CN fields or those that appear to impersonate other identities.

Additionally, review and monitor your certificate usage, especially in PKCS#7 verification, certificate chain matching, and code signing processes, to detect and block suspicious certificates.

Use the updated library features such as the selectable AES-C implementation for enhanced security, as introduced in version 1.7.1.

Compliance Impact

The vulnerability enables identity impersonation by allowing an attacker to craft a certificate that appears to have the same Common Name (CN) as a victim. This impersonation can be exploited in PKCS#7 verification, certificate chain matching, and code signing, potentially allowing unauthorized code execution or trust bypass.

Such impersonation and trust bypass issues can undermine the integrity of cryptographic operations and identity verification processes, which are critical for compliance with security requirements in standards like GDPR and HIPAA. These regulations mandate strong protections for identity verification and data integrity to prevent unauthorized access and ensure data security.

Therefore, this vulnerability could negatively impact compliance by weakening the assurance of identity and integrity in cryptographic processes, potentially leading to unauthorized access or data manipulation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34610. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart