PT-2025-48045 · Cggmp21+1

Published: 2025-11-24 · Updated: 2025-12-01 · CVE-2025-66017

CVSS v4.0: 8.2 (High)

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions: cggmp21 versions 0.6.3 and earlier; cggmp24 version 0.7.0-alpha.1

Description: The software is susceptible to a security issue related to the use of presignatures in specific contexts. Specifically, using presignatures in conjunction with HD wallet derivation or "raw signing" can significantly reduce security or lead to signature forgery. The Presignature::set_derivation_path function was identified as a point of vulnerability: applying a derivation path to an already issued presignature allows malleability attacks that reduce the security level to 85 bits. Additionally, the Presignature::issue_partial_signature function could be exploited to forge signatures when a presignature is used to sign a hash without knowing the original message. The API has been modified in a later release to prevent these insecure uses of presignatures.

Recommendations: cggmp21 versions 0.6.3 and earlier: migrate to a patched version that excludes presignatures from being used in vulnerable scenarios, or avoid using presignatures in contexts where they weaken system security. cggmp24 version 0.7.0-alpha.1: upgrade to version 0.7.0-alpha.2 or later, and follow the migration guidelines to ensure secure usage.

Weakness Enumeration

Use of a Broken Cryptographic Algorithm

Related Identifiers

CVE-2025-66017
GHSA-8FRV-Q972-9RQ5
RUSTSEC-2025-0127
RUSTSEC-2025-0128

Affected Products

Cggmp21
Cggmp24