CVE-2026-24850 - ML-DSA Signature Verification Accepts Signatures with Repeated Hint Indices

CVE ID : CVE-2026-24850 Published : Jan. 28, 2026, 1:16 a.m. | 56 minutes ago Description : The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard (ML-DSA). Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto `ml-dsa` crate incorrectly accepts signatures with repeated (duplicate) hint indices. According to the ML-DSA specification (FIPS 204 / RFC 9881), hint indices within each polynomial must be **strictly increasing**. The current implementation uses a non-strict monotonic check (`<=`<`),<`<=`,Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...