CVE-2026-21895

N/A Unknown

📋 TL;DR

Versions of the rsa crate before 0.9.10 panic, instead of returning an error, when an RSA private key is constructed from components that include a prime value of 1. This affects Rust applications that use the vulnerable rsa crate for cryptographic operations, and can result in denial of service.

💻 Affected Systems

Products:
  • RustCrypto RSA crate
Versions: All versions before 0.9.10
Operating Systems: All platforms running Rust applications
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications that use the rsa crate's private key construction from components.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case: Application crashes when processing maliciously crafted RSA key components, leading to denial of service and potential service disruption.

🟠 Likely Case: Application panics when encountering malformed RSA key data, causing temporary unavailability until restart.

🟢 If Mitigated: Proper input validation prevents malformed keys from reaching the vulnerable function, minimizing impact.

🌐 Internet-Facing: MEDIUM - Attackers could potentially trigger panics by supplying crafted key data to exposed endpoints.
🏢 Internal Only: LOW - Requires access to internal systems or ability to supply malformed key data to affected applications.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires ability to supply malformed RSA key components to the vulnerable function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.9.10

Vendor Advisory: https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26

Restart Required: Yes

Instructions:

1. Update Cargo.toml to specify rsa = "^0.9.10"
2. Run 'cargo update' to fetch the patched version
3. Rebuild and redeploy your application

🔧 Temporary Workarounds

Input validation wrapper (platform: all)

Add validation that rejects any prime value that is not greater than 1 before the components reach rsa crate functions; in Rust, check each prime > 1 before calling RsaPrivateKey::from_components().
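One way to implement that wrapper, written for this page as an added example (not code from the advisory or from the RustCrypto project): the prime components are treated as big-endian unsigned integers, as they appear in PKCS#1 or JWK material, so the check needs no bignum dependency; the type and function names are assumed and the sample key bytes are constructed.

```rust
// Added example: pre-check RSA prime components before handing them to
// `rsa::RsaPrivateKey::from_components`, so a prime of 0 or 1 yields an
// error instead of a panic in rsa < 0.9.10. Components are big-endian
// unsigned integers (PKCS#1 / JWK style). Names are this example's own.

#[derive(Debug, PartialEq, Eq)]
pub enum KeyComponentError {
    /// The prime at `index` is empty, 0 or 1, none of which is a valid RSA factor.
    DegeneratePrime { index: usize },
}

/// Minimal big-endian form: drop leading zero bytes (the value zero
/// becomes the empty slice).
fn strip_leading_zeros(v: &[u8]) -> &[u8] {
    let start = v.iter().position(|&b| b != 0).unwrap_or(v.len());
    &v[start..]
}

/// True if the big-endian integer is 0 or 1. A prime of 1 is the case the
/// advisory describes; 0 is never a valid factor either.
fn is_zero_or_one(v: &[u8]) -> bool {
    let s = strip_leading_zeros(v);
    s.is_empty() || (s.len() == 1 && s[0] == 1)
}

/// Validate every supplied prime factor. Call this on the `primes` vector
/// before `RsaPrivateKey::from_components(n, e, d, primes)`.
pub fn validate_primes(primes: &[&[u8]]) -> Result<(), KeyComponentError> {
    for (index, p) in primes.iter().enumerate() {
        if is_zero_or_one(p) {
            return Err(KeyComponentError::DegeneratePrime { index });
        }
    }
    Ok(())
}

fn main() {
    // Constructed sample: the second prime is encoded as 0x0001, i.e. the
    // value 1 that the unpatched crate panics on.
    let primes: [&[u8]; 2] = [&[0xC5, 0x2F], &[0x00, 0x01]];
    match validate_primes(&primes) {
        Ok(()) => println!("components look sane; safe to build the key"),
        Err(e) => println!("rejected key components: {:?}", e),
    }
}
```

The real rsa crate uses BigUint for its components; convert the validated bytes afterwards, or adapt the zero-or-one check to whatever integer type your code already holds.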

🧯 If You Can't Patch

  • Implement strict input validation for all RSA key component inputs
  • Monitor application logs for panic events related to RSA operations

🔍 How to Verify

Check if Vulnerable:

Check Cargo.lock or run 'cargo tree | grep rsa' to see if version <0.9.10 is used

Check Version:

cargo tree | grep rsa

Verify Fix Applied:

Confirm rsa crate version is 0.9.10 or higher in Cargo.lock

📡 Detection & Monitoring

Log Indicators:

  • Application panic logs mentioning RSA operations
  • Process crashes during cryptographic operations

Network Indicators:

  • Unusual patterns of RSA key submission to APIs

SIEM Query:

source="application.logs" AND (("panic" AND "rsa") OR ("RsaPrivateKey" AND "from_components"))
