VYPR
Moderate severityNVD Advisory· Published Feb 11, 2026· Updated Feb 13, 2026

Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key

CVE-2026-26014

Description

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack". Upgrade to v3.0.11, v3.1.1, or later.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/pion/dtls/v3Go
>= 3.1.0, < 3.1.13.1.1
github.com/pion/dtls/v2Go
<= 2.2.12
github.com/pion/dtlsGo
<= 1.5.4
github.com/pion/dtls/v3Go
< 3.0.113.0.11

Affected products

42

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.