
CVE-2026-33894: CWE-347: Improper Verification of Cryptographic Signature in digitalbazaar forge

Severity: High
Tags: Vulnerability, CVE-2026-33894, CWE-347, CWE-20
Published: Fri Mar 27 2026 (03/27/2026, 20:45:49 UTC)
Source: CVE Database V5
Vendor/Project: digitalbazaar
Product: forge

Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing "garbage" bytes within the ASN.1 structure in order to construct a signature that passes verification, enabling Bleichenbacher-style forgery. This issue is similar to CVE-2022-24771, but adds the bytes in an additional field within the ASN.1 structure rather than outside of it. Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, giving attackers additional space in which to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue.

AI-Powered Analysis

Machine-generated threat intelligence

AI analysis last updated: 03/27/2026, 21:15:33 UTC

Technical Analysis

CVE-2026-33894 affects the digitalbazaar forge library (`node-forge`), a JavaScript implementation of TLS and of the cryptography beneath it, specifically its RSASSA-PKCS1-v1_5 signature verification. In PKCS#1 v1.5 the verifier raises the signature to the public exponent modulo n and obtains an encoded message EM = 0x00 || 0x01 || PS || 0x00 || DigestInfo, where PS is at least 8 bytes of 0xFF and DigestInfo is the DER encoding of the hash algorithm identifier and the message hash (RFC 8017, section 9.2). Before version 1.4.0, forge checked this EM by parsing it rather than by reconstructing the expected encoding and comparing the two byte for byte. Two weaknesses in that parsing matter here: the DigestInfo ASN.1 structure is accepted even when it carries an additional field holding attacker-chosen "garbage" bytes, and the length of PS is not checked against the 8-byte minimum. Neither lets an attacker compute a correct signature in the usual sense; what they provide is freedom in the low-order bytes of EM. With a public exponent of 3 that freedom is enough for a Bleichenbacher-style forgery: the attacker writes down the desired EM with the genuine hash in place and the free bytes set to zero, takes the integer cube root rounded up, and submits that root as the signature. Cubing it reproduces the fixed prefix exactly, because the rounding error is bounded by roughly two thirds of the modulus bit length and lands entirely inside the free bytes, so the lenient parser finds a well-formed prefix, the correct DigestInfo header and the correct hash, and accepts. No private key is involved, and no reduction modulo n takes place as long as the cube stays below the modulus. CVE-2022-24771 used the same idea with the extra bytes placed after the DigestInfo; this issue places them inside it, so a fix that only rejects trailing bytes does not help. The forgery works only against keys the verifier trusts whose exponent is small (e=3 in the advisory) and reaches every use of forge's RSA verification, including X.509 certificate signature checks where forge's PKI or TLS code validates a chain. The CVSS 3.1 base score is 7.5 (High), vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N: remotely exploitable with low complexity, no privileges and no user interaction, with an integrity impact only. No exploitation in the wild was reported as of publication. Version 1.4.0 resolves the issue with stricter ASN.1 parsing and padding validation.

Potential Impact

The impact is a loss of integrity in any system that relies on forge to verify RSASSA-PKCS1-v1_5 signatures and that trusts a public key with exponent e=3. Against such a key an attacker can produce a signature that forge accepts for data of their choosing, without the private key, and can therefore impersonate the signer or defeat any control that treats a valid signature as proof of origin: signed API requests or tokens, software update and package signing, digitally signed documents, and X.509 certificate chains validated by forge's PKI or TLS code when a trusted issuer key uses e=3. Where the signature gates code loading or an update, the consequence extends to running attacker-supplied code. Exploitation is remote and needs neither privileges nor user interaction, so exposed services and client applications on vulnerable versions are directly at risk; forge is also a common transitive dependency in the npm ecosystem, so applications can be exposed without depending on it directly. The forgery is not practical against keys with the common exponent 65537. Confidentiality and availability are not affected, but in cryptographic contexts an integrity break of this kind is usually the critical one. No public exploit was known at publication; the technique itself is well documented, so that is not a reason to delay patching.

Mitigation Recommendations

1. Upgrade every copy of digitalbazaar forge to version 1.4.0 or later, including copies pulled in as transitive dependencies; `npm ls node-forge` and `npm audit` (or the yarn/pnpm equivalents) list the installed copies and their versions. Where an upstream package still pins an older forge, use lockfile overrides to force the fixed version.
2. Audit applications and services that use forge for signature verification, including certificate chain validation in its TLS and PKI code, to identify vulnerable versions.
3. Where feasible, verify signatures with a second implementation as well (Node's built-in `crypto`, WebCrypto, or a hardware security module) and accept a signature only when both agree, so a single lenient implementation cannot be the sole gate.
4. In custom verification code, do not parse the recovered encoded message: reconstruct the expected EM from the message hash and compare it in constant time over its whole length. If parsing is unavoidable, require at least 8 bytes of 0xFF padding, strict DER, and no additional fields or trailing bytes.
5. Detection: a successful forgery looks like a valid signature, so logs of verification failures will not reveal it. Instead, record the key (and its exponent) behind each accepted signature and inventory which trusted keys and issuer certificates use e=3.
6. Treat trusted keys with e=3 as a risk in their own right: rotate signing keys to e=65537 and stop trusting e=3 issuer certificates where possible, since the attack needs only that the verifier trust such a key.
7. For critical systems, maintain cryptographic agility so that a patched or alternative library can be swapped in quickly when a verification flaw is disclosed.
8. Review and update cryptographic dependencies on a regular schedule so that security patches are incorporated promptly.


Technical Details

Data Version
5.2
Assigner Short Name
GitHub_M
Date Reserved
2026-03-24T15:41:47.489Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 69c6efce3c064ed76ff462e5

Added to database: 3/27/2026, 8:59:58 PM

Last enriched: 3/27/2026, 9:15:33 PM

Last updated: 3/28/2026, 1:30:43 AM

