Libsodium · Libsodium · CVE-2025-69277
**Name of the Vulnerable Software and Affected Versions**
libsodium versions prior to ad3004e
**Description**
The software mishandles checks for the validity of elliptic curve points in specific, unusual scenarios. This occurs when custom cryptography or untrusted data is used with the `crypto core ed25519 is valid point` function, potentially allowing points that are not part of the main cryptographic group.
**Recommendations**
Update to version ad3004e or later.