Vulnerability details: VCID-pc81-tj49-j3fs
Vulnerability ID VCID-pc81-tj49-j3fs
Aliases CVE-2026-33894, GHSA-ppp5-5v6c-4jwp
Summary Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing “garbage” bytes within the ASN.1 structure in order to construct a signature that passes verification, enabling Bleichenbacher-style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an additional field within the ASN.1 structure, rather than outside of it. Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33894.json
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2026-33894
cvssv3.1 7.5 https://datatracker.ietf.org/doc/html/rfc2313#section-8
generic_textual HIGH https://datatracker.ietf.org/doc/html/rfc2313#section-8
ssvc Track https://datatracker.ietf.org/doc/html/rfc2313#section-8
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-ppp5-5v6c-4jwp
cvssv3.1 7.5 https://github.com/digitalbazaar/forge
generic_textual HIGH https://github.com/digitalbazaar/forge
cvssv3.1 7.5 https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765
generic_textual HIGH https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765
cvssv3.1 7.5 https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
cvssv3.1_qr HIGH https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
generic_textual HIGH https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
ssvc Track https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
cvssv3.1 7.5 https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE
generic_textual HIGH https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE
ssvc Track https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2026-33894
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2026-33894
cvssv3.1 7.5 https://www.rfc-editor.org/rfc/rfc8017.html
generic_textual HIGH https://www.rfc-editor.org/rfc/rfc8017.html
ssvc Track https://www.rfc-editor.org/rfc/rfc8017.html
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33894.json
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://datatracker.ietf.org/doc/html/rfc2313#section-8
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/ Found at https://datatracker.ietf.org/doc/html/rfc2313#section-8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/digitalbazaar/forge
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/ Found at https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/ Found at https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2026-33894
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://www.rfc-editor.org/rfc/rfc8017.html
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/ Found at https://www.rfc-editor.org/rfc/rfc8017.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.11812
EPSS Score 0.00038
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T16:49:33.325994+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2026/33xxx/CVE-2026-33894.json 38.6.0