CVE-2026-26958

N/A Unknown

📋 TL;DR

This vulnerability in the filippo.io/edwards25519 Go library causes the MultiScalarMult function to produce invalid cryptographic results or undefined behavior when called on non-identity points. It affects users who directly call this advanced API in their applications, potentially leading to cryptographic failures. Users who only use the library indirectly through dependencies like github.com/go-sql-driver/mysql are not affected.

💻 Affected Systems

Products:
  • filippo.io/edwards25519 Go library
Versions: 1.1.0 and earlier
Operating Systems: All platforms running Go applications
Default Config Vulnerable: ✅ No
Notes: Only affects direct users of the MultiScalarMult API. Users who depend on the library only through higher-level packages like github.com/go-sql-driver/mysql are not affected.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Cryptographic operations using MultiScalarMult produce invalid results, potentially breaking authentication, signature verification, or key agreement protocols that rely on correct elliptic curve computations.

🟠 Likely Case

Applications that call the MultiScalarMult API on a non-identity receiver get invalid cryptographic outputs, causing functional failures in those specific cryptographic operations.

🟢 If Mitigated

Limited impact, since MultiScalarMult is a rarely used advanced API; most users are not affected because they never call this specific function.

🌐 Internet-Facing: LOW
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires specific knowledge of the MultiScalarMult API usage and ability to trigger calls with non-identity points.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.1.1

Vendor Advisory: https://github.com/FiloSottile/edwards25519/security/advisories/GHSA-fw7p-63qq-7hpr

Restart Required: Yes

Instructions:

1. Update Go module dependency to filippo.io/edwards25519 v1.1.1
2. Run 'go mod tidy' to update dependencies
3. Rebuild and redeploy affected applications
4. Restart services using the updated library

🔧 Temporary Workarounds

Avoid MultiScalarMult usage (applies to: all)

Ensure MultiScalarMult is only called with identity points as receivers

// Code review: every MultiScalarMult call must start from a fresh identity receiver.
// Example (filippo.io/edwards25519 < v1.1.1):
p := edwards25519.NewIdentityPoint() // receiver is the identity point
p.MultiScalarMult(scalars, points)   // safe: the result is written into p
// Do not reuse p as the receiver of a second call (it is no longer the identity);
// allocate a new identity point for each call instead.

🧯 If You Can't Patch

  • Audit codebase for MultiScalarMult usage and ensure all calls use identity points as receivers
  • Implement input validation to prevent MultiScalarMult calls with non-identity points

🔍 How to Verify

Check if Vulnerable:

Check go.mod or go.sum for filippo.io/edwards25519 version <1.1.1

Check Version:

grep 'filippo.io/edwards25519' go.mod

Verify Fix Applied:

Verify go.mod contains filippo.io/edwards25519 v1.1.1 or later
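The version check above can be automated. The following Go program is an added example, not part of this advisory or of the edwards25519 project: it reads a go.mod body (a constructed sample is embedded below), extracts the filippo.io/edwards25519 requirement in either the single-line or the block `require` form, and reports whether the pinned version is below the fixed release v1.1.1. Pre-release suffixes such as `-rc1` are stripped before comparison, so a pre-release of v1.1.1 is treated as fixed; that is a simplifying assumption of this example.

```go
// Added example (not the advisory's own code): flag a go.mod that pins
// filippo.io/edwards25519 to a version older than the fixed release.
package main

import (
	"bufio"
	"fmt"
	"strconv"
	"strings"
)

const (
	modulePath   = "filippo.io/edwards25519"
	fixedVersion = "v1.1.1" // first release carrying the fix, per the advisory
)

// parseVersion turns "v1.1.0" into its numeric major/minor/patch parts.
// Pre-release ("-rc1") and build ("+meta") suffixes are ignored (assumption).
func parseVersion(v string) ([3]int, error) {
	var out [3]int
	v = strings.TrimPrefix(v, "v")
	if i := strings.IndexAny(v, "-+"); i >= 0 {
		v = v[:i]
	}
	parts := strings.Split(v, ".")
	if len(parts) != 3 {
		return out, fmt.Errorf("unexpected version %q", v)
	}
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return out, fmt.Errorf("bad version component %q in %q", p, v)
		}
		out[i] = n
	}
	return out, nil
}

// versionLess reports whether version a sorts before version b numerically.
func versionLess(a, b string) (bool, error) {
	va, err := parseVersion(a)
	if err != nil {
		return false, err
	}
	vb, err := parseVersion(b)
	if err != nil {
		return false, err
	}
	for i := 0; i < 3; i++ {
		if va[i] != vb[i] {
			return va[i] < vb[i], nil
		}
	}
	return false, nil // equal
}

// EdwardsVersion returns the filippo.io/edwards25519 version required by a
// go.mod body, or "" if the module is not required at all. It handles both
// "require filippo.io/edwards25519 v1.1.0" and the indented line inside a
// "require ( ... )" block; a trailing "// indirect" comment is ignored.
func EdwardsVersion(goMod string) string {
	sc := bufio.NewScanner(strings.NewReader(goMod))
	for sc.Scan() {
		fields := strings.Fields(sc.Text())
		if len(fields) >= 2 && fields[0] == "require" {
			fields = fields[1:]
		}
		if len(fields) >= 2 && fields[0] == modulePath {
			return fields[1]
		}
	}
	return ""
}

// IsAffected reports whether the go.mod pins a version below fixedVersion.
func IsAffected(goMod string) (bool, error) {
	v := EdwardsVersion(goMod)
	if v == "" {
		return false, nil // module not required: nothing to check
	}
	return versionLess(v, fixedVersion)
}

func main() {
	// Constructed sample go.mod, as left behind by an older dependency tree.
	sample := "module example.com/app\n\ngo 1.21\n\nrequire (\n" +
		"\tgithub.com/go-sql-driver/mysql v1.8.1\n" +
		"\tfilippo.io/edwards25519 v1.1.0 // indirect\n)\n"
	affected, err := IsAffected(sample)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("%s %s affected=%v\n", modulePath, EdwardsVersion(sample), affected)
}
```

The check reads only the go.mod it is given; in a multi-module workspace the version that is actually built is the one minimal version selection picks, so confirm with `go list -m filippo.io/edwards25519` in the main module as well.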

📡 Detection & Monitoring

Log Indicators:

  • Application errors related to cryptographic operations
  • Invalid signature or authentication failures

Network Indicators:

  • Failed cryptographic handshakes in protocols using edwards25519

SIEM Query:

Application logs containing 'MultiScalarMult' or cryptographic operation failures
