Platform
ruby
Component
bcrypt
Fixed in
3.1.23
3.1.22
CVE-2026-33306 describes an integer overflow vulnerability discovered in the Java BCrypt implementation within the bcrypt-ruby gem. This flaw allows an attacker to bypass the intended key-strengthening process, effectively rendering bcrypt useless. The vulnerability impacts applications using bcrypt-ruby versions less than or equal to 3.1.9, and a fix is available in version 3.1.22.
The core impact of this vulnerability lies in the drastic reduction of bcrypt's security. Normally, bcrypt uses a cost parameter to determine the number of iterations performed during password hashing, making it computationally expensive to crack. However, with CVE-2026-33306, when the cost is set to 31 (the maximum allowed by the gem), the integer overflow causes the iteration count to become negative, resulting in zero iterations. This effectively transforms bcrypt into a trivial hashing function, allowing attackers to easily crack passwords using readily available tools. The blast radius is significant, as any application relying on bcrypt-ruby for password storage within the affected version range is vulnerable. This includes web applications, APIs, and any other system storing user credentials using this gem. The data at risk includes user passwords, potentially leading to account compromise, data breaches, and reputational damage.
CVE-2026-33306 was published on 2026-03-19. Its exploitation probability is currently assessed as medium, given the potential for widespread use of the affected bcrypt-ruby gem and the relative ease of exploiting the vulnerability once identified. No public proof-of-concept exploits are currently known, but the vulnerability's simplicity suggests that one may emerge. It is not currently listed on KEV or EPSS, but the potential impact warrants monitoring. Refer to the NVD entry for updates and further information.
Exploit Status
EPSS
0.01% (1% percentile)
CISA SSVC
The primary mitigation for CVE-2026-33306 is to upgrade the bcrypt-ruby gem to version 3.1.22 or later. This version contains a fix that prevents the integer overflow. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider temporarily reducing the bcrypt cost parameter below 31. While this reduces the strength of bcrypt, it prevents the zero-iteration vulnerability. Monitor application logs for unusual activity related to password hashing. While no specific WAF or proxy rules are directly applicable, ensuring robust input validation and rate limiting can help mitigate potential brute-force attacks. After upgrading, confirm the fix by attempting to hash a password with a cost of 31 and verifying that the iteration count is not zero.
Update the bcrypt-ruby gem to version 3.1.22 or higher. Alternatively, if you are using the cost option, ensure that the cost is less than 31.
Vulnerability analysis and critical alerts directly to your inbox.
It's an Integer Overflow vulnerability in the Java BCrypt implementation of the bcrypt-ruby gem, causing bcrypt to perform zero iterations when the cost is set to 31, significantly weakening password hashing.
If you are using bcrypt-ruby versions 3.1.9 or earlier, you are potentially affected. Check your gem dependencies immediately.
Upgrade to bcrypt-ruby version 3.1.22 or later to resolve the integer overflow and restore bcrypt's intended security.
No public exploits are currently known, but the vulnerability's simplicity suggests potential for future exploitation. Monitor for updates and advisories.
Refer to the National Vulnerability Database (NVD) entry for CVE-2026-33306 and the bcrypt-ruby gem's release notes for details on the fix.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your Gemfile.lock file and we'll tell you instantly if you're affected.