Lucene search
K

59 matches found

NVD
NVD
added 2026/06/10 10:16 p.m.9 views

CVE-2026-46654

Plonky3 is a toolkit for polynomial IOPs PIOPs. Prior to versions 0.4.3 and 0.5.3, an attacker controlling prover-side observations can craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir. This issue has been patched in versions 0.4.3 and 0.5...

8.9CVSS0.00108EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 8:6 p.m.8 views

CVE-2026-46654 Plonky3 MultiField32Challenger: transcript malleability and challenge entropy loss

Plonky3 is a toolkit for polynomial IOPs PIOPs. Prior to versions 0.4.3 and 0.5.3, an attacker controlling prover-side observations can craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir. This issue has been patched in versions 0.4.3 and 0.5...

8.9CVSS5.4AI score0.00108EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 8:6 p.m.24 views

CVE-2026-46654

The CVE-2026-46654 issue affects Plonky3’s MultiField32Challenger in the prover transcript handling, where transcript malleability allows an attacker controlling prover-side observations to craft transcripts that yield identical challenges, breaking Fiat-Shamir binding. Root cause: a mismatch bet...

8.9CVSS5.4AI score0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 8:6 p.m.10 views

EUVD-2026-36119

Plonky3 is a toolkit for polynomial IOPs PIOPs. Prior to versions 0.4.3 and 0.5.3, an attacker controlling prover-side observations can craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir. This issue has been patched in versions 0.4.3 and 0.5...

8.9CVSS5.4AI score0.00108EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.11 views

Plonky3 数据伪造问题漏洞

Plonky3 is an open-source implementation of the Polynomial IOP cryptographic primitive toolkit by Plonky3 developers. Versions of Plonky3 prior to 0.4.3 and 0.5.3 contained a data forgery vulnerability. This vulnerability allowed attackers to control the observations made by the prover, resulting...

8.9CVSS5.3AI score0.00108EPSS
Exploits0References1
OSV
OSV
added 2026/05/21 8:24 p.m.8 views

GHSA-VJ64-RJF3-W3V7 Plonky3 MultiField32Challenger: transcript malleability and challenge entropy loss

Impact - Key: challenger/src/multifieldchallenger.rs | MultiField32Challenger::duplexing | transcriptmalleability - Affected files: challenger/src/multifieldchallenger.rs, field/src/helpers.rs - Violated invariant: The Fiat-Shamir sponge must bind challenges to the exact sequence of observed fiel...

8.9CVSS5.8AI score0.00108EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.8 views

PT-2026-42645

Impact - Key: challenger/src/multi field challenger.rs | MultiField32Challenger::duplexing | transcript malleability - Affected files: challenger/src/multi field challenger.rs, field/src/helpers.rs - Violated invariant: The Fiat-Shamir sponge must bind challenges to the exact sequence of observed...

8.9CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42695

Name of the Vulnerable Software and Affected Versions Plonky3 versions prior to 0.4.3 Plonky3 versions prior to 0.5.3 Description An attacker controlling prover-side observations can craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir. This...

8.9CVSS5.4AI score0.00108EPSS
Exploits0References3
HackRead
HackRead
added 2026/03/30 4:18 p.m.6 views

24/7 Payments for 24/7 Agents: The Case for Crypto in the Machine Economy

Crypto enables 24/7 payments for AI agents, replacing fiat limits with scalable machine-to-machine transactions and powering the emerging machine economy...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-5564

Malware in sbrugna...

8.3CVSS6.4AI score0.01768EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-6521

Malware in sbrugna...

5.4CVSS6.4AI score0.00297EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-33901

Malicious code in bioql PyPI...

8.1CVSS8.1AI score0.00698EPSS
Exploits1References2
HackRead
HackRead
added 2025/09/22 10:31 p.m.5 views

Jeep and Dodge Parent Company Stellantis Confirms Customer Data Breach

Stellantis, parent of Jeep, Chrysler, Dodge and FIAT, confirms data breach through third-party vendor. Contact info exposed, financial data not affected...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/09/09 11:2 a.m.4 views

New Cryptanalysis of the Fiat-Shamir Protocol

A couple of months ago, a new paper demonstrated some new attacks against the Fiat-Shamir transformation. Quanta published a good article that explains the results. This is a pretty exciting paper from a theoretical perspective, but I don't see it leading to any practical real-world cryptanalysis...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:46 p.m.6 views

CVE-2022-29566

The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation fails to include all of the public values from the Zero Knowledge proof statement as well as all of the public values computed in the proof, aka the Frozen Heart issue...

8.1CVSS6.9AI score0.00698EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2025/05/20 12:0 a.m.4 views

CRYPTONITE: Scalable Accelerator Design for Cryptographic Primitives and Algorithms

Cryptographic primitives, consisting of repetitive operations with different inputs, are typically implemented using straight-line C code due to traditional execution on CPUs. Computing these primitives is necessary for secure communication; thus, dedicated hardware accelerators are required in...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/18 12:0 a.m.5 views

Post Quantum Cryptography (PQC) Signatures without Trapdoors

Some of our current public key methods use a trap door to implement digital signature methods. This includes the RSA method, which uses Fermat's little theorem to support the creation and verification of a digital signature. The problem with a back-door is that the actual trap-door method could, ...

6.9AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/01/15 9:25 p.m.17 views

SP1 has missing verifier checks and fiat-shamir observations

In SP1’s STARK verifier, the prover provided chipordering is used to fetch the index of the chips that have preprocessed columns. Prior to v4.0.0, the validation that this chipordering correctly provides these indexes was missing. In v4.0.0, this was fixed by adding a check that the indexed chip’...

7AI score
Exploits0References2Affected Software1
OSV
OSV
added 2024/11/08 4:44 p.m.3 views

GHSA-8M24-3CFX-9FJW sp1 has insufficient observation of cumulative sum

During proof generation, the prover must observe all values sent to the verifier to generate valid Fiat-Shamir challenges. Prior to v3.0.0 the cumulative sum of the permutation argument was not observed when sampling zeta, which is a random challenge sampled to force the constraints to be true. I...

6.3CVSS6.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/11/08 4:44 p.m.9 views

sp1 has insufficient observation of cumulative sum

During proof generation, the prover must observe all values sent to the verifier to generate valid Fiat-Shamir challenges. Prior to v3.0.0 the cumulative sum of the permutation argument was not observed when sampling zeta, which is a random challenge sampled to force the constraints to be true. I...

6.8AI score
Exploits0References3Affected Software1
Rows per page
Query Builder