CVE 8.7 HIGH

`openvm-pairing` pairing check missing proper subfield check on scaling factor_CVE-2026-46669

June 10, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Description

OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a proper subfield of Fp12. This allows incorrect results to the pairing check. This issue has been patched in version 1.6.0.

AI Analysis

Pairing check missing proper subfield check on scaling factor, allowing incorrect results

Basic Information

ID CVE-2026-46669

Source GitHub_M

Published Jun 10, 2026 at 20:09

Affected Product

Vendor openvm-org

Product openvm

Version < 1.6.0

Affected Versions openvm-org openvm < 1.6.0

CWE Classification

CWE-20

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor openvm-org

Product openvm

Version < 1.6.0

References

{
    "lastseen": "",
    "description": "OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a proper subfield of Fp12. This allows incorrect results to the pairing check. This issue has been patched in version 1.6.0.",
    "published": "2026-06-10T20:09:31.670Z",
    "modified": "2026-06-10T20:09:31.670Z",
    "type": "cve",
    "title": "`openvm-pairing` pairing check missing proper subfield check on scaling factor",
    "source": "GitHub_M",
    "references": "https://github.com/openvm-org/openvm/security/advisories/GHSA-76mq-v757-53gr\nhttps://github.com/openvm-org/openvm/releases/tag/v1.6.0",
    "id": "CVE-2026-46669",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "openvm-org openvm < 1.6.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "openvm",
    "version": "< 1.6.0",
    "vendor": "openvm-org",
    "ai_description": "Pairing check missing proper subfield check on scaling factor, allowing incorrect results",
    "ai_severity": "High",
    "ai_vendor": "openvm-org",
    "ai_product": "openvm",
    "ai_version": "< 1.6.0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply