Vulnerability Database

318,638

Total vulnerabilities in the database

CVE-2026-22705

RustCrypto: Signatures offers support for digital signatures, which provide authentication of data using public-key cryptography. Prior to version 0.1.0-rc.2, a timing side-channel was discovered in the Decompose algorithm which is used during ML-DSA signing to generate hints for the signature. This issue has been patched in version 0.1.0-rc.2.

  • Published: Jan 10, 2026
  • Updated: Jan 11, 2026
  • CVE: CVE-2026-22705
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.4
  • AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWEs:

No affected software listed.