6 matches found
ROOT-APP-NPM-CVE-2026-33891 CVE-2026-33891 in @rootio/node-forge - Patched by Root
Root has patched CVE-2026-33891 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
UBUNTU-CVE-2026-33895
Forge (also called node-forge) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, Ed25519 signature verification accepts forged non-canonical signatures where the scalar S is not reduced modulo the group order (S >= L). A valid signature and its S + L variant...
CVE-2026-33894 Forge has signature forgery in RSA-PKCS due to ASN.1 extra field
Forge (also called node-forge) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing “garbage” bytes within the ASN...
CVE-2026-33894
Forge (node-forge) prior to version 1.4.0 is vulnerable to RSASSA-PKCS1 v1.5 signature forgery for low exponent keys (e = 3). The issue arises from forging signatures by injecting extra bytes inside the ASN.1 structure and by not enforcing a minimum PKCS#1 v1.5 padding length of 8 bytes, enabling...
node-forge ASN.1 Unbounded Recursion
...
GHSA-X4JG-MJRX-434G Improper Verification of Cryptographic Signature in node-forge
Impact: RSA PKCS1 v1.5 signature verification code does not check for trailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. Patches: The issue has been...