CVE-2026-33894
Published: 27 March 2026
Summary
CVE-2026-33894 is a high-severity Improper Input Validation (CWE-20) vulnerability in Digitalbazaar Forge. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 13.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mandates timely identification, reporting, and correction of flaws like the RSASSA PKCS#1 v1.5 signature verification vulnerability by upgrading node-forge to version 1.4.0.
Requires vulnerability monitoring and scanning to identify known issues such as CVE-2026-33894 in JavaScript dependencies like node-forge.
Addresses the improper input validation (CWE-20) in signature ASN structure and padding by requiring validation checks at system entry points, supplementing flawed library behavior.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated signature forgery vuln in public-facing TLS/crypto library directly enables initial access via public app exploitation (T1190) and bypass of cryptographic signature verification (T1553.002).
NVD Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing “garbage” bytes…
more
within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it. Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue.
Deeper analysisAI
CVE-2026-33894 affects Forge, also known as node-forge, a JavaScript implementation of Transport Layer Security (TLS). Prior to version 1.4.0, the library's RSASSA PKCS#1 v1.5 signature verification is vulnerable to forgery for keys with low public exponents (e=3). Attackers can craft invalid signatures that pass verification by inserting "garbage" bytes within the ASN structure, enabling Bleichenbacher-style attacks. This flaw differs from the similar CVE-2022-24771 by placing bytes in an additional field inside the ASN structure rather than outside it. Additionally, Forge fails to enforce the specification's requirement for at least 8 bytes of padding in signatures, giving attackers more room to construct forgeries. The vulnerability is rated 7.5 on the CVSS 3.1 scale (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) and maps to CWE-20 (Improper Input Validation) and CWE-347 (Improper Verification of Cryptographic Signature).
Remote attackers require no privileges or user interaction to exploit this over the network with low complexity. Successful exploitation allows forging signatures that the library accepts as valid, potentially enabling attackers to impersonate legitimate signers, bypass authentication mechanisms, or tamper with signed data in applications relying on Forge for TLS or cryptographic operations.
The GitHub security advisory (GHSA-ppp5-5v6c-4jwp) confirms that version 1.4.0 fully patches the issue by addressing the ASN structure handling and padding validation deficiencies. Security practitioners should upgrade affected Forge installations to 1.4.0 or later and audit dependencies in JavaScript applications using this library for signature verification.
Details
- CWE(s)