CVE-2026-33895 — Vulnetix

CVE-2026-33895 PUBLISHED CVSS 7.5 HIGH

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, Ed25519 signature verification accepts forged non-canonical signatures where the scalar S is not reduced modulo the group order (`S >= L`). A valid signature and its `S + L` variant both verify in forge, while Node.js `crypto.verify` (OpenSSL-backed) rejects the `S + L` variant, as defined by the specification. This class of signature malleability has been exploited in practice to bypass authentication and authorization logic (see CVE-2026-25793, CVE-2022-35961). Applications relying on signature uniqueness (i.e., dedup by signature bytes, replay tracking, signed-object canonicalization checks) may be bypassed. Version 1.4.0 patches the issue.

EPSS 0.04% · 13.3th percentile

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS Score

0.04%

13.3th percentile

Affected Products

Vendor	Product	Versions
digitalbazaar	forge	< 1.4.0, < 1.4.0, < 1.4.0
npm	node-forge	0, 0, 0

Exploit Intelligence

CIRCL seen: CVE-2026-33895 (circl-sighting)
CIRCL seen: CVE-2026-33895 (circl-sighting)
CIRCL seen: CVE-2026-33895 (circl-sighting)
https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw (circl)
https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85 (circl)
https://datatracker.ietf.org/doc/html/rfc8032#section-8.4 (circl)
.trivyignore.yml (github-poc)
trivity-report.html (github-poc)
.trivyignore.yml (github-poc)
.trivyignore.yml (github-poc)

…and 10 more exploits

Timeline

Mar 26, 2026 CVE Published
Mar 27, 2026 CVE Updated
Mar 27, 2026 Security Advisory
Mar 27, 2026 Security Advisory
Mar 27, 2026 Security Advisory
Mar 27, 2026 PoC Published
Mar 27, 2026 PoC Published
Mar 28, 2026 EPSS Score
Apr 14, 2026 PoC Published
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score

References

Open in Interactive Console →