CVE-2026-22705 identifies a timing side-channel vulnerability in the RustCrypto signatures library, specifically in the Decompose algorithm used during the ML-DSA (Multi-Layer Digital Signature Algorithm) signing process. RustCrypto signatures provide public-key cryptographic digital signatures for data authentication. Prior to version 0.1.0-rc.2, the Decompose algorithm leaked timing information that could be exploited by an attacker to infer secret cryptographic material, undermining the confidentiality and integrity of the signature process. This side-channel arises because the algorithm's execution time varies based on secret-dependent computations, allowing an attacker with the ability to measure timing precisely to recover private keys or forge signatures. The vulnerability requires the attacker to have access over a local or adjacent network (AV:A), with high attack complexity (AC:H), low privileges (PR:L), and no user interaction (UI:N). The scope is unchanged (S:U), meaning the impact is limited to the vulnerable component. The CVSS v3.1 base score is 6.4, reflecting medium severity with high confidentiality and integrity impacts but no availability impact. The issue has been patched in RustCrypto signatures version 0.1.0-rc.2. No known exploits have been reported in the wild as of the publication date. This vulnerability is classified under CWE-1240, which relates to the use of cryptographic primitives with risky implementations that can leak sensitive information through side-channels.

For European organizations, the vulnerability poses a significant risk to the confidentiality and integrity of cryptographic operations relying on RustCrypto signatures, particularly in sectors such as finance, government, telecommunications, and critical infrastructure where digital signatures are essential for authentication and data integrity. Exploitation could lead to private key compromise, enabling attackers to forge signatures, impersonate entities, or tamper with signed data undetected. This undermines trust in secure communications and transactions. Although the attack complexity is high and requires network proximity, organizations with exposed internal networks or shared environments could be vulnerable. The lack of availability impact means systems remain operational, but the silent compromise of cryptographic keys could have long-term security consequences. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop techniques over time.

European organizations should immediately upgrade all RustCrypto signatures library instances to version 0.1.0-rc.2 or later to apply the patch addressing the timing side-channel. Additionally, conduct a thorough audit of cryptographic implementations to identify and remediate other potential side-channel vulnerabilities, especially in custom or third-party cryptographic code. Employ constant-time cryptographic algorithms and side-channel resistant coding practices to minimize timing leakage. Restrict network access to systems performing cryptographic operations, particularly limiting local and adjacent network exposure. Implement monitoring to detect unusual timing measurement attempts or anomalous network activity that could indicate reconnaissance for side-channel attacks. Educate development teams on secure cryptographic implementation standards and encourage use of well-vetted libraries with active maintenance. Finally, maintain an inventory of cryptographic dependencies to ensure timely updates and vulnerability management.