CVE-2026-32614: SM9 Infinity-Point Ciphertext Forgery Vulnerability

March 13, 2026 (updated March 16, 2026)

The direct impact of this vulnerability is ciphertext forgery, not confidentiality loss.

The attacker does not need the master public key, the user’s private key, or any other secret material.
The attacker only needs to know the target UID to construct a seemingly valid ciphertext.
When the recipient invokes the SM9 decryption API, the forged ciphertext decrypts successfully to attacker-chosen plaintext.
The C3 integrity check also passes, so this is not merely a format bypass, but a full forgery.

This issue affects the following paths because they all eventually enter the same UnwrapKey logic:

sm9.Decrypt
sm9.DecryptASN1
sm9.UnwrapKey

This means the issue affects not only public-key encryption/decryption, but also key encapsulation/decapsulation.

References

Code Behaviors & Features

Detect and mitigate CVE-2026-32614 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →