CVE-2026-1229

9.8 CRITICAL

📋 TL;DR

A cryptographic vulnerability in CIRCL's P-384 (secp384r1) elliptic curve implementation causes the CombinedMult function to return an incorrect result for specific inputs. Applications that use this function for cryptographic operations can therefore obtain wrong outputs without any error being raised. Only systems that build against an affected CIRCL version and call CombinedMult on the P-384 curve are impacted.

💻 Affected Systems

Products:
  • cloudflare/circl
Versions: before v1.6.3
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Only the CombinedMult function on the secp384r1 (P-384) curve is affected; ECDH and ECDSA signing are not. The advisory says nothing about ECDSA signature verification, and CombinedMult is the m*G + n*Q shape a verifier computes, so any code path that calls CombinedMult directly (a verifier included) should be treated as in scope until patched.

📦 What is this software?

CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is a Go cryptography library maintained by Cloudflare. It provides elliptic curve arithmetic (including the P-384 package github.com/cloudflare/circl/ecc/p384 affected here) alongside other primitives, and is consumed as a Go module, so a fix reaches an application only when that application is rebuilt against the patched version.

⚠️ Risk & Real-World Impact

🔴

Worst Case

CombinedMult silently returns a wrong point for certain inputs. A system that makes a security decision on that result (for example, accepting or rejecting a signature) can be driven to the wrong decision by an attacker who controls the inputs that trigger the bug.

🟠

Likely Case

Applications that call CombinedMult obtain wrong points for some inputs. Because the function does not report an error, this surfaces downstream as functional failures (operations that should succeed but do not) or, where the wrong result is accepted, as a security weakness specific to that usage.

🟢

If Mitigated

With CIRCL upgraded to v1.6.3 or later, or with all CombinedMult call sites removed, no exposure remains. ECDH and ECDSA signing were never in scope, so impact is confined to code that used CombinedMult directly.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires inputs that trigger the incorrect result and a target code path that consumes the CombinedMult output for a security decision. Whether an attacker can supply those inputs depends entirely on how the calling application uses the function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v1.6.3

Vendor Advisory: https://github.com/cloudflare/circl/releases/tag/v1.6.3

Rebuild Required: Yes. Go links the library into each binary statically, so restarting an old binary does not pick up the fix; every affected binary must be rebuilt and redeployed.

Instructions:

1. Check the CIRCL version selected in each module (direct and indirect dependencies alike)
2. Update the dependency to v1.6.3 or later, for example with go get using the @v1.6.3 version suffix, then run go mod tidy (and go mod vendor if the repository vendors dependencies)
3. Rebuild every binary that linked the old version and redeploy it

🔧 Temporary Workarounds

Avoid CombinedMult usage (applies to: all affected versions)

Temporarily avoid calling the CombinedMult function on the secp384r1 curve until the dependency can be upgraded.

🧯 If You Can't Patch

  • Disable or remove CombinedMult call sites in affected applications, including ones reached through dependencies that use CIRCL
  • Where the call cannot be removed, cross-check each CombinedMult result against an independent implementation of m*G + n*Q (the Go standard library's crypto/elliptic P-384 is one option) and treat any disagreement as a failure rather than trusting either value

🔍 How to Verify

Check if Vulnerable:

Check whether the build imports github.com/cloudflare/circl/ecc/p384 and calls CombinedMult. Search the application code and its vendored or module-cached dependencies, not only the top-level repository: the vulnerable function can be reached through a library that uses CIRCL on the application's behalf.

Check Version:

go list -m github.com/cloudflare/circl

This prints the version selected for the current module's build, including when CIRCL is only an indirect dependency. A pseudo-version of the form v1.6.3-0.<timestamp>-<hash> refers to a commit before the v1.6.3 tag and should be treated as unpatched unless you have confirmed that commit contains the fix.

Verify Fix Applied:

Confirm that every affected binary was rebuilt with CIRCL v1.6.3 or later, then exercise CombinedMult with known-answer inputs (or against an independent implementation) in the rebuilt binary's test suite, so a future downgrade of the dependency is caught automatically.
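The following is an added example (written for this page; it is not CIRCL's own code or test suite) that shows how to verify a CombinedMult implementation and how to do the output cross-check suggested under "If You Can't Patch". Instead of fixed test vectors it uses the Go standard library's crypto/elliptic P-384 as an independent oracle for m*G + n*Q and runs a differential check over derived inputs. It assumes the function under test has the signature CombinedMult(xQ, yQ *big.Int, m, n []byte) (x, y *big.Int) computing m*G + n*Q, which is my reading of CIRCL's p384 package and should be confirmed against the pinned version's documentation; the BrokenCombinedMult stand-in is constructed here to show the harness flagging a fault and is not the actual CIRCL defect.

```go
package main

import (
	"crypto/elliptic"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/big"
)

// CombinedMultFunc is the shape of the function under test: given an affine
// point Q=(xQ,yQ) on P-384 and big-endian scalars m and n, return m*G + n*Q.
// Assumption: this matches CIRCL's p384.Curve.CombinedMult; check the docs of
// the version you have pinned before relying on it.
type CombinedMultFunc func(xQ, yQ *big.Int, m, n []byte) (x, y *big.Int)

// curve is the standard-library P-384, used as an oracle that shares no code
// with CIRCL.
var curve = elliptic.P384()

// ReferenceCombinedMult computes m*G + n*Q with crypto/elliptic only.
// It is an offline oracle for testing, not a drop-in replacement.
func ReferenceCombinedMult(xQ, yQ *big.Int, m, n []byte) (*big.Int, *big.Int) {
	x1, y1 := curve.ScalarBaseMult(m)
	x2, y2 := curve.ScalarMult(xQ, yQ, n)
	return curve.Add(x1, y1, x2, y2)
}

// BrokenCombinedMult is a constructed stand-in for a faulty implementation:
// it drops the n*Q term on every call. It is NOT the CIRCL defect, which is
// input-specific; it only demonstrates that the harness reports mismatches.
func BrokenCombinedMult(xQ, yQ *big.Int, m, n []byte) (*big.Int, *big.Int) {
	return curve.ScalarBaseMult(m)
}

// scalar derives a reproducible 48-byte scalar in [1, N-1] from a label and a
// counter (constructed test input; swap in crypto/rand for a fuzzing run).
func scalar(label string, i uint64) []byte {
	var ctr [8]byte
	binary.BigEndian.PutUint64(ctr[:], i)
	h := sha256.New()
	h.Write([]byte(label))
	h.Write(ctr[:])
	seed := h.Sum(nil)
	more := sha256.Sum256(seed)
	seed = append(seed, more[:]...) // 64 bytes of material before reduction
	nMinus1 := new(big.Int).Sub(curve.Params().N, big.NewInt(1))
	s := new(big.Int).SetBytes(seed)
	s.Mod(s, nMinus1)
	s.Add(s, big.NewInt(1)) // never zero, so n*Q is never the identity
	return s.FillBytes(make([]byte, 48))
}

// DifferentialCheck runs impl against the oracle on `rounds` derived inputs and
// returns the mismatch count and the index of the first mismatch (-1 if none).
// A result that is not on the curve also counts as a mismatch.
func DifferentialCheck(impl CombinedMultFunc, rounds int) (mismatches int, first int) {
	first = -1
	for i := 0; i < rounds; i++ {
		xQ, yQ := curve.ScalarBaseMult(scalar("Q", uint64(i))) // Q = q*G
		m := scalar("m", uint64(i))
		n := scalar("n", uint64(i))
		wantX, wantY := ReferenceCombinedMult(xQ, yQ, m, n)
		gotX, gotY := impl(xQ, yQ, m, n)
		if gotX.Cmp(wantX) != 0 || gotY.Cmp(wantY) != 0 || !curve.IsOnCurve(gotX, gotY) {
			mismatches++
			if first < 0 {
				first = i
			}
		}
	}
	return mismatches, first
}

func main() {
	// To test a real build, import "github.com/cloudflare/circl/ecc/p384" and
	// pass p384.P384().CombinedMult here in place of the stand-ins.
	bad, _ := DifferentialCheck(ReferenceCombinedMult, 64)
	fmt.Printf("oracle vs itself: %d mismatches\n", bad)
	bad, first := DifferentialCheck(BrokenCombinedMult, 64)
	fmt.Printf("broken stand-in: %d mismatches, first at round %d\n", bad, first)
}
```

Because the real defect only triggers on specific inputs, a handful of rounds can pass by chance; run the check with a large round count, or replace the derived scalars with crypto/rand output, and keep it in CI so a dependency downgrade is caught. The derived scalars are kept non-zero so the oracle never has to add the point at infinity, which keeps the comparison simple.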

📡 Detection & Monitoring

Log Indicators:

  • The bug returns a wrong point rather than an error, so there is no log line from CombinedMult itself; look for downstream effects such as operations that should succeed but fail (for example, verification of values known to be valid)
  • Application errors or assertion failures in code paths that consume CombinedMult output

Network Indicators:

  • None specific to this vulnerability

SIEM Query:

Application logs containing 'CombinedMult' or failures from the cryptographic operations that consume its output; correlate any spike with a deployment still built against CIRCL before v1.6.3

🔗 References

  • https://github.com/cloudflare/circl/releases/tag/v1.6.3