CVE-2026-1229

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions circl versions prior to 1.6.3

Description The CombinedMult function within the ecc/p384 package (secp384r1 curve) calculates an incorrect value for certain inputs. This issue does not affect ECDH and ECDSA signing operations that rely on this curve. The problem is resolved by implementing complete addition formulas.

Recommendations Update to version 1.6.3 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-682

Related Identifiers

CLEANSTART-2026-AD71344

CLEANSTART-2026-AQ65185

CLEANSTART-2026-AQ75465

CLEANSTART-2026-BB83999

CLEANSTART-2026-CB00984

CLEANSTART-2026-CC08450

CLEANSTART-2026-CK42797

CLEANSTART-2026-CY45415

CLEANSTART-2026-DM19620

CLEANSTART-2026-DR75226

CLEANSTART-2026-ET12387

CLEANSTART-2026-FC24138

CLEANSTART-2026-FR97108

CLEANSTART-2026-GK29346

CLEANSTART-2026-GN78570

CLEANSTART-2026-GX87608

CLEANSTART-2026-HF07497

CLEANSTART-2026-HK01840

CLEANSTART-2026-HQ88036

CLEANSTART-2026-HX97842

CLEANSTART-2026-IR69938

CLEANSTART-2026-JG72006

CLEANSTART-2026-JU62670

CLEANSTART-2026-JW58725

CLEANSTART-2026-KT28044

CLEANSTART-2026-LO26058

CLEANSTART-2026-LO63022

CLEANSTART-2026-LP76319

CLEANSTART-2026-LS00044

CLEANSTART-2026-LU21824

CLEANSTART-2026-MA32024

CLEANSTART-2026-MK39503

CLEANSTART-2026-ML41879

CLEANSTART-2026-MS81166

CLEANSTART-2026-NI04192

CLEANSTART-2026-NJ43712

CLEANSTART-2026-NP19113

CLEANSTART-2026-NR54556

CLEANSTART-2026-NT80635

CLEANSTART-2026-OI10284

CLEANSTART-2026-OM95908

CLEANSTART-2026-OT07577

CLEANSTART-2026-OU18540

CLEANSTART-2026-OX06978

CLEANSTART-2026-PP64690

CLEANSTART-2026-PT56560

CLEANSTART-2026-PW57640

CLEANSTART-2026-PY36202

CLEANSTART-2026-PZ85180

CLEANSTART-2026-QB67682

CLEANSTART-2026-QF85840

CLEANSTART-2026-QK02462

CLEANSTART-2026-QP84300

CLEANSTART-2026-RZ44006

CLEANSTART-2026-SO13464

CLEANSTART-2026-SV08737

CLEANSTART-2026-TN07413

CLEANSTART-2026-TT42218

CLEANSTART-2026-TY63648

CLEANSTART-2026-UJ10620

CLEANSTART-2026-UY49411

CLEANSTART-2026-UY60586

CLEANSTART-2026-UZ17701

CLEANSTART-2026-VI68146

CLEANSTART-2026-VJ77782

CLEANSTART-2026-VL19675

CLEANSTART-2026-WB12909

CLEANSTART-2026-WB89098

CLEANSTART-2026-WG17155

CLEANSTART-2026-WH33500

CLEANSTART-2026-WN01990

CLEANSTART-2026-WO87803

CVE-2026-1229

GHSA-Q9HV-HPM4-HJ6X

GO-2026-4550

OPENSUSE-SU-2026:10313-1

OPENSUSE-SU-2026:10486-1

OPENSUSE-SU-2026:10613-1

OPENSUSE-SU-2026:10803-1

OPENSUSE-SU-2026:10967-1

OPENSUSE-SU-2026:10995-1

OPENSUSE-SU-2026:20620-1

OPENSUSE-SU-2026:20770-1

OPENSUSE-SU-2026:20948-1

SUSE-SU-2026:1042-1

Affected Products

Circl

CVE-2026-1229

Weakness Enumeration

Related Identifiers

Affected Products

References · 596