{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T04:55:18.524","vulnerabilities":[{"cve":{"id":"CVE-2026-24850","sourceIdentifier":"security-advisories@github.com","published":"2026-01-28T01:16:15.097","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard (ML-DSA). Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto `ml-dsa` crate incorrectly accepts signatures with repeated (duplicate) hint indices. According to the ML-DSA specification (FIPS 204 / RFC 9881), hint indices within each polynomial must be **strictly increasing**. The current implementation uses a non-strict monotonic check (`<=` instead of `<`), allowing duplicate indices. This is a regression bug. The original implementation was correct, but a commit in version 0.0.4 inadvertently changed the strict `<` comparison to `<=`, introducing the vulnerability. Version 0.1.0-rc.4 fixes the issue."},{"lang":"es","value":"El *crate* ML-DSA es una implementación en Rust del Estándar de Firma Digital Basado en Módulos de Retículos (ML-DSA). A partir de la versión 0.0.4 y antes de la versión 0.1.0-rc.4, la implementación de verificación de firma ML-DSA en el *crate* 'ml-dsa' de RustCrypto acepta incorrectamente firmas con índices de pista repetidos (duplicados). Según la especificación ML-DSA (FIPS 204 / RFC 9881), los índices de pista dentro de cada polinomio deben ser estrictamente crecientes. La implementación actual utiliza una comprobación monótona no estricta ('<=' en lugar de '<'), permitiendo índices duplicados. Esto es un error de regresión. La implementación original era correcta, pero un *commit* en la versión 0.0.4 cambió inadvertidamente la comparación estricta '<' a '<=', introduciendo la vulnerabilidad. La versión 0.1.0-rc.4 corrige el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-347"}]}],"references":[{"url":"https://csrc.nist.gov/pubs/fips/204/final","source":"security-advisories@github.com"},{"url":"https://datatracker.ietf.org/doc/html/rfc9881","source":"security-advisories@github.com"},{"url":"https://github.com/C2SP/wycheproof","source":"security-advisories@github.com"},{"url":"https://github.com/C2SP/wycheproof/blob/master/testvectors_v1/mldsa_44_verify_test.json","source":"security-advisories@github.com"},{"url":"https://github.com/C2SP/wycheproof/blob/master/testvectors_v1/mldsa_65_verify_test.json","source":"security-advisories@github.com"},{"url":"https://github.com/C2SP/wycheproof/blob/master/testvectors_v1/mldsa_87_verify_test.json","source":"security-advisories@github.com"},{"url":"https://github.com/RustCrypto/signatures/commit/400961412be2e2ab787942cf30e0a9b66b37a54a","source":"security-advisories@github.com"},{"url":"https://github.com/RustCrypto/signatures/commit/b01c3b73dd08d0094e089aa234f78b6089ec1f38","source":"security-advisories@github.com"},{"url":"https://github.com/RustCrypto/signatures/issues/894","source":"security-advisories@github.com"},{"url":"https://github.com/RustCrypto/signatures/pull/895","source":"security-advisories@github.com"},{"url":"https://github.com/RustCrypto/signatures/security/advisories/GHSA-5x2r-hc65-25f9","source":"security-advisories@github.com"}]}}]}