CVE-2026-1229

The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3 .

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/cloudflare/circl	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:cloudflare:circl:*:*:*:*:*:go:*:*

History

17 Jun 2026, 10:15

Type	Values Removed	Values Added
Summary		(es) La función CombinedMult en el paquete CIRCL ecc/p384 (curva secp384r1) produce un valor incorrecto para entradas específicas. El problema se soluciona utilizando fórmulas de adición completas. La firma ECDH y ECDSA que depende de esta curva no se ve afectada. El error se corrigió en la v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3.

03 Mar 2026, 00:29

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Cloudflare Cloudflare circl
CPE		cpe:2.3:a:cloudflare:circl::::::go::*
References	~~() https://github.com/cloudflare/circl -~~	() https://github.com/cloudflare/circl - Product

24 Feb 2026, 08:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-24 08:16

Updated : 2026-06-17 10:15

NVD link : CVE-2026-1229

Mitre link : CVE-2026-1229

CVE.ORG link : CVE-2026-1229

JSON object : View

Products Affected

cloudflare

circl

CWE

CWE-682

Incorrect Calculation

{"id": "CVE-2026-1229", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-1229", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-24T15:04:09.395394Z"}}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "cna@cloudflare.com", "cvssData": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.9, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:X/V:X/RE:X/U:Amber", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "cna@cloudflare.com", "affectedData": [{"repo": "https://github.com/cloudflare/circl", "vendor": "Cloudflare", "product": "CIRCL", "versions": [{"status": "affected", "version": "CIRCL up to version 1.6.2", "lessThan": "1.6.3", "versionType": "custom"}], "platforms": ["Go"], "defaultStatus": "unaffected"}]}], "published": "2026-02-24T08:16:28.407", "references": [{"url": "https://github.com/cloudflare/circl", "tags": ["Product"], "source": "cna@cloudflare.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cna@cloudflare.com", "description": [{"lang": "en", "value": "CWE-682"}]}], "descriptions": [{"lang": "en", "value": "The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas.\nECDH and ECDSA signing relying on this curve are not affected.\n\nThe bug was fixed in v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3 ."}, {"lang": "es", "value": "La funci\u00f3n CombinedMult en el paquete CIRCL ecc/p384 (curva secp384r1) produce un valor incorrecto para entradas espec\u00edficas. El problema se soluciona utilizando f\u00f3rmulas de adici\u00f3n completas. La firma ECDH y ECDSA que depende de esta curva no se ve afectada.\n\nEl error se corrigi\u00f3 en la v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3."}], "lastModified": "2026-06-17T10:15:21.823", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cloudflare:circl:*:*:*:*:*:go:*:*", "vulnerable": true, "matchCriteriaId": "36CDDD6E-5A8A-4017-9B85-4C65E93B8D7F", "versionEndExcluding": "1.6.3"}], "operator": "OR"}]}], "sourceIdentifier": "cna@cloudflare.com"}