VYPR
Low severity3.7GHSA Advisory· Published Aug 6, 2025· Updated Apr 15, 2026

CVE-2025-8556

CVE-2025-8556

Description

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/cloudflare/circlGo
< 1.6.11.6.1

Affected products

890

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.