Rust Crypto ML-DSA Crate Signature Verification Vulnerability
CVE-2026-24850
5.3MEDIUM
What is CVE-2026-24850?
The ML-DSA crate, part of RustCrypto, has a vulnerability in its signature verification implementation that incorrectly allows repeated hint indices due to a regression from version 0.0.4. According to the ML-DSA specification, hint indices within each polynomial are required to be strictly increasing, but this scan allows duplicates by using a non-strict comparison. This flaw could lead to potential security issues, as the integrity of the signature verification process is compromised. The issue has been resolved in version 0.1.0-rc.4.
Affected Version(s)
signatures >= 0.0.4, < 0.1.0-rc.4
