CVE-2025-8556

Published August 6th, 2025

View on NVD ↗

CVSS v3

3.7

LOW

CVSS v2

N/A

Affected

PROJECT

Description

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

cloudflare/circl

CIRCL: Cloudflare Interoperable Reusable Cryptographic Library

GitHub

1.68K