CVE-2026-4541 (GCVE-0-2026-4541)

Vulnerability from cvelistv5 – Published: 2026-03-22 08:35 – Updated: 2026-04-18 03:39 X_Open Source
VLAI?
Title
janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification
Summary
A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local execution. The attack's complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. Upgrading to version 20260301 is recommended to address this issue. Patch name: 9c87269607e0d7d20174df742accc49c042cff17. Upgrading the affected component is recommended.
Severity ?
2 (Low)
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2.5 (Low)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2.5 (Low)
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
CWE
  • CWE-347 - Improper Verification of Cryptographic Signature
  • CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
Impacted products
Vendor Product Version
janmojzis tinyssh Affected: 20250501
Unaffected: 20260301
Create a notification for this product.
Credits
pythok (VulDB User)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-4541",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-23T15:33:32.521628Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-23T15:33:50.378Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Ed25519 Signature Handler"
          ],
          "product": "tinyssh",
          "vendor": "janmojzis",
          "versions": [
            {
              "status": "affected",
              "version": "20250501"
            },
            {
              "status": "unaffected",
              "version": "20260301"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "pythok (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local execution. The attack\u0027s complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. Upgrading to version 20260301 is recommended to address this issue. Patch name: 9c87269607e0d7d20174df742accc49c042cff17. Upgrading the affected component is recommended."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1,
            "vectorString": "AV:L/AC:H/Au:S/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-345",
              "description": "Insufficient Verification of Data Authenticity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-18T03:39:33.191Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-352358 | janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/vuln/352358"
        },
        {
          "name": "VDB-352358 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/352358/cti"
        },
        {
          "name": "Submit #774687 | GitHub tinyssh 20250501 Cryptographic Issues",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/774687"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/janmojzis/tinyssh/issues/101"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/janmojzis/tinyssh/pull/102"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/janmojzis/tinyssh/issues/101#issue-3983586116"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/janmojzis/tinyssh/commit/9c87269607e0d7d20174df742accc49c042cff17"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/janmojzis/tinyssh/releases/tag/20260301"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/janmojzis/tinyssh/"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-03-01T00:00:00.000Z",
          "value": "Countermeasure disclosed"
        },
        {
          "lang": "en",
          "time": "2026-03-21T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-03-21T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-03-23T05:12:55.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-4541",
    "datePublished": "2026-03-22T08:35:03.623Z",
    "dateReserved": "2026-03-21T15:10:27.592Z",
    "dateUpdated": "2026-04-18T03:39:33.191Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-4541",
      "date": "2026-04-20",
      "epss": "3e-05",
      "percentile": "0.0009"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-4541\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2026-03-22T09:15:59.683\",\"lastModified\":\"2026-04-18T05:16:22.490\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local execution. The attack\u0027s complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. Upgrading to version 20260301 is recommended to address this issue. Patch name: 9c87269607e0d7d20174df742accc49c042cff17. Upgrading the affected component is recommended.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado una falla en janmojzis tinyssh hasta 20250501. Afectada es una funci\u00f3n desconocida del archivo tinyssh/crypto_sign_ed25519_tinyssh.c del componente Gestor de Firma Ed25519. Esta manipulaci\u00f3n causa una verificaci\u00f3n incorrecta de la firma criptogr\u00e1fica. El ataque est\u00e1 restringido a la ejecuci\u00f3n local. La complejidad del ataque se califica como alta. La explotabilidad se considera dif\u00edcil. El exploit ha sido publicado y puede ser utilizado. Se recomienda actualizar a la versi\u00f3n 20260301 para abordar este problema. Nombre del parche: 9c87269607e0d7d20174df742accc49c042cff17. Se recomienda actualizar el componente afectado. Si desea obtener la mejor calidad de datos de vulnerabilidad, puede que tenga que visitar VulDB.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":2.0,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":2.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.0,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:S/C:N/I:P/A:N\",\"baseScore\":1.0,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":1.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"},{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"references\":[{\"url\":\"https://github.com/janmojzis/tinyssh/\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/janmojzis/tinyssh/commit/9c87269607e0d7d20174df742accc49c042cff17\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/janmojzis/tinyssh/issues/101\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/janmojzis/tinyssh/issues/101#issue-3983586116\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/janmojzis/tinyssh/pull/102\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/janmojzis/tinyssh/releases/tag/20260301\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/submit/774687\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/vuln/352358\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/vuln/352358/cti\",\"source\":\"cna@vuldb.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-4541\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-23T15:33:32.521628Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-23T15:33:46.444Z\"}}], \"cna\": {\"tags\": [\"x_open-source\"], \"title\": \"janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"pythok (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 2, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 2.5, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 2.5, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 1, \"vectorString\": \"AV:L/AC:H/Au:S/C:N/I:P/A:N/E:POC/RL:OF/RC:C\"}}], \"affected\": [{\"vendor\": \"janmojzis\", \"modules\": [\"Ed25519 Signature Handler\"], \"product\": \"tinyssh\", \"versions\": [{\"status\": \"affected\", \"version\": \"20250501\"}, {\"status\": \"unaffected\", \"version\": \"20260301\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-03-01T00:00:00.000Z\", \"value\": \"Countermeasure disclosed\"}, {\"lang\": \"en\", \"time\": \"2026-03-21T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2026-03-21T01:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2026-03-23T05:12:55.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/vuln/352358\", \"name\": \"VDB-352358 | janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification\", \"tags\": [\"vdb-entry\"]}, {\"url\": \"https://vuldb.com/vuln/352358/cti\", \"name\": \"VDB-352358 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/submit/774687\", \"name\": \"Submit #774687 | GitHub tinyssh 20250501 Cryptographic Issues\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/101\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/pull/102\", \"tags\": [\"issue-tracking\", \"patch\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/101#issue-3983586116\", \"tags\": [\"exploit\", \"issue-tracking\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/commit/9c87269607e0d7d20174df742accc49c042cff17\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/releases/tag/20260301\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/\", \"tags\": [\"product\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local execution. The attack\u0027s complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. Upgrading to version 20260301 is recommended to address this issue. Patch name: 9c87269607e0d7d20174df742accc49c042cff17. Upgrading the affected component is recommended.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-347\", \"description\": \"Improper Verification of Cryptographic Signature\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-345\", \"description\": \"Insufficient Verification of Data Authenticity\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2026-04-18T03:39:33.191Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-4541\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-18T03:39:33.191Z\", \"dateReserved\": \"2026-03-21T15:10:27.592Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2026-03-22T08:35:03.623Z\", \"assignerShortName\": \"VulDB\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.