CVE-2026-40323 SP1 V6 Recursion Circuit Row-Count Binding Gap

SP1 is a zero‑knowledge virtual machine that proves the correct execution of programs compiled for the RISC-V architecture. In versions 6.0.0 through 6.0.2, a soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof...

GHSA-63X8-X938-VX33 SP1 V6 Recursion Circuit Row-Count Binding Gap

Summary A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. - Affected versions: = 6.0.0, = 6.0.2 - Not affected: SP1 V5 all versions - Severity: High Details Background...

PT-2026-32612

Summary A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. - Affected versions: = 6.0.0, = 6.0.2 - Not affected: SP1 V5 all versions - Severity: High Details Background...