CVE-2026-4599
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk38th percentile - higher than 38% of all known CVEs
Summary
The jsrsasign library versions 7.0.0 through 11.1.0 are vulnerable to incomplete comparison in the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions. An attacker can recover the private key by exploiting incorrect compareTo checks that accept out-of-range candidates, biasing DSA nonces during signature generation.
Risk Assessment
The risk is that an attacker can recover the private key, potentially leading to impersonation of authorized entities, data integrity breaches, and system compromise.
Recommendation
Immediately update the jsrsasign library to version 11.1.1 or later, which contains the fix for this vulnerability.
Original NVD description (English source)
Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.

