CNNVD-202601-3905 Information

CNNVD ID

CNNVD-202601-3905

Related CVE

CVE-2026-23966

• CNNVD Published: 2026-01-22

Description (Chinese)

sm-crypto是june01个人开发者的一个加密算法。 sm-crypto 0.3.14之前版本存在数据伪造问题漏洞，该漏洞源于SM2解密逻辑存在缺陷，可能导致私钥恢复。

Description (English)

The sm-crypto is an encryption algorithm for the June01 personal developer. The previous version of sm-crypto 0.3.14 had a gap in data forgery, which stemmed from deficiencies in the SM2 declassification logic and could lead to the restoration of the private key.

Hazard Level

Low

Vulnerability Type

数据伪造问题

Affected Vendor

个人开发者

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/JuneAndGreen/sm-crypto/commit/b1c824e58fdf1eaa73692c124a095819a8c45707 https://github.com/JuneAndGreen/sm-crypto/security/advisories/GHSA-pgx9-497m-6c4v

Patch

https://github.com/JuneAndGreen/sm-crypto