CVE-2026-26958: filippo.io/edwards25519 MultiScalarMult produces invalid results or undefined behavior if receiver is not the identity
(updated )
(*Point).MultiScalarMult failed to initialize its receiver.
If the method was called on an initialized point that is not the identity point, MultiScalarMult produced an incorrect result.
If the method was called on an uninitialized point, the behavior was undefined. In particular, if the receiver was the zero value, MultiScalarMult returned an invalid point that compared Equal to every point.
Note that MultiScalarMult is a rarely used advanced API. For example, if you only depend on filippo.io/edwards25519 via github.com/go-sql-driver/mysql, you are not affected. If you were notified of this issue despite not being affected, consider switching to a vulnerability scanner that is more precise and respectful of your attention, like govulncheck.
References
- github.com/FiloSottile/edwards25519
- github.com/FiloSottile/edwards25519/commit/d1c650afb95fad0742b98d95f2eb2cf031393abb
- github.com/FiloSottile/edwards25519/releases/tag/v1.1.1
- github.com/FiloSottile/edwards25519/security/advisories/GHSA-fw7p-63qq-7hpr
- github.com/advisories/GHSA-fw7p-63qq-7hpr
- nvd.nist.gov/vuln/detail/CVE-2026-26958
Code Behaviors & Features
Detect and mitigate CVE-2026-26958 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →