Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
CVE-2026-24850
Good to know:
Date: January 27, 2026
The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard (ML-DSA). Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto "ml-dsa" crate incorrectly accepts signatures with repeated (duplicate) hint indices. According to the ML-DSA specification (FIPS 204 / RFC 9881), hint indices within each polynomial must be strictly increasing. The current implementation uses a non-strict monotonic check ("<=" instead of "<"), allowing duplicate indices. This is a regression bug. The original implementation was correct, but a commit in version 0.0.4 inadvertently changed the strict "<" comparison to "<=", introducing the vulnerability. Version 0.1.0-rc.4 fixes the issue.
Severity Score
Related Resources (14)
Severity Score
Weakness Type (CWE)
Improper Verification of Cryptographic Signature
CWE-347Top Fix
Upgrade Version
Upgrade to version ml-dsa - 0.1.0-rc.4;https://github.com/RustCrypto/signatures.git - ml-dsa/v0.1.0-rc.4
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | NETWORK |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | NONE |
| User Interaction (UI): | NONE |
| Scope (S): | UNCHANGED |
| Confidentiality (C): | NONE |
| Integrity (I): | LOW |
| Availability (A): | NONE |