CVE-2026-4600 | jsrsasign up to 11.1.0 Domain src/dsa-2.0.js KJUR.crypto.DSA.setPublic signature verification (SNYK-JS-JSRSASIGN-15370940)

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability identified as problematic has been detected in jsrsasign up to 11.1.0. This vulnerability affects the function KJUR.crypto.DSA.setPublic of the file src/dsa-2.0.js of the component Domain Handler. The manipulation leads to improper verification of cryptographic signature.

This vulnerability is uniquely identified as CVE-2026-4600. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-4600 | jsrsasign up to 11.1.0 Domain src/dsa-2.0.js KJUR.crypto.DSA.setPublic signature verification (SNYK-JS-JSRSASIGN-15370940)

Post correlati

CVE-2025-6419 | code-projects Simple Online Hotel Reservation System 1.0 /admin/edit_room.php room_type sql injection

CVE-2023-44150 | ProfilePress Paid Membership Plugin up to 4.13.2 on WordPress information disclosure

CVE-2024-52792 | LDAPAccountManager LAM up to 8.x Setting mainmanage.php external reference (GHSA-fm9w-7m7v-wxqv)

CVE-2024-24430 | Open5GS up to 2.6.4 NAS Packet mme_ue_find_by_imsi denial of service