Platform: nodejs
Component: node-forge
Fixed in: 1.4.1, 1.4.0
CVE-2026-33895 affects node-forge, a JavaScript library for cryptographic primitives. The flaw is in Ed25519 signature verification: node-forge accepts non-canonical signatures, which allows an attacker to forge signatures that pass verification. Where signatures gate authentication or authorization, this can lead to a bypass and unauthorized access. Versions prior to 1.4.0 are affected; a fix is available in version 1.4.0.
The vulnerability lies in the Ed25519 signature verification in node-forge. The library accepts signatures whose scalar S is not reduced modulo the group order L (S >= L), so a valid signature and its S + L variant, derived from it by adding the group order to S, both pass verification. Standard implementations such as Node.js's crypto.verify (backed by OpenSSL) correctly reject the S + L variant. The discrepancy between the two verifiers can be exploited to bypass authentication checks that rely on node-forge. Real-world exploitation of this class of signature malleability has already been observed, as the CVE description notes by reference to CVE-2026-25793 and CVE-2022-35961, which demonstrates the potential for significant impact.
CVE-2026-33895 was publicly disclosed on March 26, 2026. The vulnerability is related to previously observed signature malleability issues in Ed25519 implementations, as evidenced by the references to CVE-2026-25793 and CVE-2022-35961. The EPSS score is currently pending evaluation, but given the demonstrated exploitability and the potential for authentication bypass, the probability of exploitation is assessed as medium to high. Public proof-of-concept code is expected to emerge, increasing the risk of widespread exploitation.
Exploit Status
EPSS: 0.03% (7th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2026-33895 is to upgrade to node-forge version 1.4.0 or later. If upgrading immediately is not feasible, implement stricter signature validation on the receiving end, even at the cost of added complexity: reject any signature whose scalar S is not below the group order L, or cross-check each verification against a second implementation (e.g., node-forge and Node.js's built-in crypto module) and treat a disagreement as a failed verification. A WAF or proxy cannot address this vulnerability directly, but it can be configured to monitor for unexpected authentication behavior, such as repeated verification attempts with signatures that differ only in their trailing 32 bytes. No specific Sigma or YARA rules are available at this time, but monitoring for unusual signature verification requests is recommended.
Update the Forge library to version 1.4.0 or higher. This corrects the Ed25519 signature forgery vulnerability by adding the missing check that the signature scalar S is reduced modulo the group order (signatures with S >= L are rejected).
CVE-2026-33895 is a HIGH severity vulnerability in node-forge versions before 1.4.0 that allows attackers to forge Ed25519 signatures, potentially bypassing authentication.
If you are using node-forge versions prior to 1.4.0, you are potentially affected. Assess your dependencies and upgrade as soon as possible.
Upgrade to node-forge version 1.4.0 or later to resolve this signature forgery vulnerability.
While active exploitation is not yet confirmed, the vulnerability is related to previously exploited signature malleability issues, increasing the likelihood of exploitation.
Refer to the node-forge project's official website and GitHub repository for updates and advisories related to CVE-2026-33895.