CVE-2026-22699— RustCrypto SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-22699
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RustCrypto SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()
Source: NVD (National Vulnerability Database)
Vulnerability Description
RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography (ECC) support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a denial-of-service vulnerability exists in the SM2 PKE decryption path where an invalid elliptic-curve point (C1) is decoded and the resulting value is unwrapped without checking. Specifically, AffinePoint::from_encoded_point(&encoded_c1) may return a None/CtOption::None when the supplied coordinates are syntactically valid but do not lie on the SM2 curve. The calling code previously used .unwrap(), causing a panic when presented with such input. This issue has been patched via commit 085b7be.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
RustCrypto: Elliptic Curves 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
RustCrypto: Elliptic Curves是Rust Crypto开源的一个Rust加密库。 RustCrypto: Elliptic Curves 0.14.0-pre.0版本和0.14.0-rc.0版本存在输入验证错误漏洞,该漏洞源于SM2 PKE解密路径中未检查无效椭圆曲线点,可能导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| RustCrypto | elliptic-curves | = 0.14.0-pre.0 | - |
II. Public POCs for CVE-2026-22699
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-22699
请登录查看更多情报信息。
Same Patch Batch · RustCrypto · 2026-01-10 · 4 CVEs total
| CVE-2026-22700 | 7.5 HIGH | RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE |
| CVE-2026-22705 | 6.4 MEDIUM | RustCrypto: Signatures has timing side-channel in ML-DSA decomposition |
| CVE-2026-22698 | RustCrypto SM2-PKE has 32-bit Biased Nonce Vulnerability |
IV. Related Vulnerabilities
Same vendor: RustCrypto
- CVE-2026-24850
ML-DSA Signature Verification Accepts Signatures with Repeat - CVE-2026-23519
RustCrypto cmov: thumbv6m-none-eabi compiler emits non-const - CVE-2026-22705
RustCrypto: Signatures has timing side-channel in ML-DSA dec - CVE-2026-22700
RustCrypto Has Insufficient Length Validation in decrypt() i - CVE-2026-22698
RustCrypto SM2-PKE has 32-bit Biased Nonce Vulnerability
Same weakness: CWE-20
V. Comments for CVE-2026-22699
No comments yet