
Description

A vulnerability was found in mkj Dropbear up to 2025.89. It affects the function unpackneg in the file src/curve25519.c of the component S Range Check. Manipulation leads to improper verification of a cryptographic signature. The attack can be initiated remotely. The attack complexity is high and exploitation is considered difficult. The exploit has been publicly disclosed and may be used. The patch is named fdec3c90a15447bd538641d85e5a3e3ac981011d. Deploying the patch is recommended to fix this issue.

PUBLISHED Reserved 2026-03-07 | Published 2026-03-08 | Updated 2026-03-08 | Assigner VulDB




MEDIUM: 6.3 | CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
LOW: 3.7 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
LOW: 3.7 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2.6 | AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C

Problem types

Improper Verification of Cryptographic Signature

Insufficient Verification of Data Authenticity

Product status

2025.0
affected

2025.1
affected

2025.2
affected

2025.3
affected

2025.4
affected

2025.5
affected

2025.6
affected

2025.7
affected

2025.8
affected

2025.9
affected

2025.10
affected

2025.11
affected

2025.12
affected

2025.13
affected

2025.14
affected

2025.15
affected

2025.16
affected

2025.17
affected

2025.18
affected

2025.19
affected

2025.20
affected

2025.21
affected

2025.22
affected

2025.23
affected

2025.24
affected

2025.25
affected

2025.26
affected

2025.27
affected

2025.28
affected

2025.29
affected

2025.30
affected

2025.31
affected

2025.32
affected

2025.33
affected

2025.34
affected

2025.35
affected

2025.36
affected

2025.37
affected

2025.38
affected

2025.39
affected

2025.40
affected

2025.41
affected

2025.42
affected

2025.43
affected

2025.44
affected

2025.45
affected

2025.46
affected

2025.47
affected

2025.48
affected

2025.49
affected

2025.50
affected

2025.51
affected

2025.52
affected

2025.53
affected

2025.54
affected

2025.55
affected

2025.56
affected

2025.57
affected

2025.58
affected

2025.59
affected

2025.60
affected

2025.61
affected

2025.62
affected

2025.63
affected

2025.64
affected

2025.65
affected

2025.66
affected

2025.67
affected

2025.68
affected

2025.69
affected

2025.70
affected

2025.71
affected

2025.72
affected

2025.73
affected

2025.74
affected

2025.75
affected

2025.76
affected

2025.77
affected

2025.78
affected

2025.79
affected

2025.80
affected

2025.81
affected

2025.82
affected

2025.83
affected

2025.84
affected

2025.85
affected

2025.86
affected

2025.87
affected

2025.88
affected

2025.89
affected

Timeline

2026-03-07: Advisory disclosed
2026-03-07: VulDB entry created
2026-03-07: VulDB entry last update

Credits

pythok (VulDB User) reporter

References

vuldb.com/?id.349652 (VDB-349652 | mkj Dropbear S Range Check curve25519.c unpackneg signature verification) vdb-entry technical-description

vuldb.com/?ctiid.349652 (VDB-349652 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/?submit.765933 (Submit #765933 | GitHub Dropbear 2025.89 Improper Verification of Cryptographic Signature) third-party-advisory

github.com/str4d/ed25519-java/issues/82 issue-tracking

github.com/mkj/dropbear/pull/407 issue-tracking patch

github.com/mkj/dropbear/issues/406 exploit issue-tracking

github.com/...ommit/fdec3c90a15447bd538641d85e5a3e3ac981011d patch

github.com/mkj/dropbear/ product

cve.org (CVE-2026-3706)

nvd.nist.gov (CVE-2026-3706)
