Curveball: Breaking Signature Integrity in sm-crypto
Jan 22, 2026
Executive Summary (TL;DR)
`sm-crypto`, a widely used JavaScript implementation of the Chinese commercial cryptography standards including SM2, did not enforce the range check that SM2 verification requires on the signature components r and s (both must lie in [1, n-1], where n is the order of the curve base point). Without that check, anyone holding a valid signature can derive a second, distinct signature that the library also accepts for the same message, with no access to the private key. The private key is not exposed; the impact falls on any system that treats a signature as unique, such as a blockchain ledger that deduplicates transactions by signature or an audit log keyed on the signature value. Because the altered signature is accepted as a new one, replay and duplicate-detection logic built on signature uniqueness can be bypassed.
Official Patches
Upgrade to sm-crypto 0.3.14, the first release listed as fixed in the affected-versions table below.
Technical Appendix
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Systems
Affected Versions Detail
| Product | Affected Versions | Fixed Version |
|---|---|---|
| sm-crypto (JuneAndGreen) | < 0.3.14 | 0.3.14 |
| Attribute | Detail |
|---|---|
| Vulnerability ID | CVE-2026-23967 |
| CWE ID | CWE-347 |
| CVSS | 7.5 (High) |
| Attack Vector | Network |
| Impact | Integrity (signature malleability: a second valid signature for an already-signed message) |
| Exploit Status | PoC available (theoretical) |
CWE-347: Improper Verification of Cryptographic Signature
The product does not verify or incorrectly verifies the cryptographic signature for data, allowing an attacker to spoof the signature or modify the data without detection. In this case the incomplete verification is the missing range check on r and s: the message stays bound to the signature, but the signature itself is not unique.