CVE-2026-4601 | jsrsasign up to 11.1.0 Private Key KJUR.crypto.DSA.signWithMessageHash missing cryptographic step (SNYK-JS-JSRSASIGN-15370941)

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability marked as problematic has been reported in jsrsasign up to 11.1.0. Impacted is the function KJUR.crypto.DSA.signWithMessageHash of the component Private Key Handler. This manipulation causes missing cryptographic step.

The identification of this vulnerability is CVE-2026-4601. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-4601 | jsrsasign up to 11.1.0 Private Key KJUR.crypto.DSA.signWithMessageHash missing cryptographic step (SNYK-JS-JSRSASIGN-15370941)

Post correlati

CVE-2025-3833 | Zoho ManageEngine ADSelfService Plus up to 6513 MFA Report sql injection

CVE-2026-3134 | itsourcecode News Portal Project 1.0 edit-category.php Category sql injection

CVE-2025-23393 | SUSE Manager Server Module 4.3 cross site scripting

CVE-2024-29753 | Google Android tmu.c tmu_set_control_temp_step out-of-bounds write